FOR THE UNITED STATES HOUSE OF REPRESENTATIVES
ON GOVERNMENT REFORM
TOM DAVIS, CHAIRMAN (VIRGINIA)
HENRY WAXMAN, RANKING MINORITY MEMBER (CALIFORNIA)
HEARING ON PRIVACY AND SECURITY WITH REGARD TO PEER-TO-PEER FILE
DATE: MAY 15, 2003 10:00 A.M.
HOUSE OFFICE BUILDING
PROVIDED BY MARI J. FRANK, ESQ.
Good morning, Chairman Davis, Ranking Member Waxman,
honorable committee members, and invited guests. Thank you for the
opportunity to address you today.
My name is Mari Frank. I am an attorney and author of
The Identity Theft Survival Kit from Laguna Niguel, California.
identity was stolen (in 1996) by an impostor who paraded as an
attorney robbing me of my profession, my credit and my peace of mind.
She obtained over $50,000 using my name after going on-line to
obtain my credit report.
personal information, worth more than currency itself, can be
used to apply for credit cards, mortgages, cell phones, insurance,
utilities, products and services all without your knowledge.
A fraudster can do anything you can do- and
worse- even do things you wouldnít do such as
commit crimes or engage in terrorist activities.
There are three motivations for ID theft.
1. Financial Gain
is a high tech computer consultant who normally encrypts all sensitive
data on his computer. Unfortunately,
his resume was not stored in an encrypted file.
He suspects that his impersonator accessed his computer through
a network, copied his resume, and used it to obtain a well paying job. When Robert applied for the same job- he was shocked to find
out another person with his name and credentials was already hired.
2. Avoiding Prosecution-.
Tom was laid off from a high paying job in the medical industry. He had great recommendations and felt sure he would be rehired. For two years he was denied position after position after each company had performed a background check. Finally, Tom hired a private investigator that showed him that his criminal background included 2 DUIís and an arrest for murder. None of which belonged to him.
first cyber stalking case prosecuted in Orange County, California
turned out to be identity theft. A
computer expert was angry when a woman he liked shunned his advances,
so he impersonated her in a chat room- stating that she has fantasies
of being raped. When he gave out her phone number and address, several
men appeared at her door. Terrified
she called the police.
There are many ways in which personal information can be obtained. According to the FTC 72% of victims have no idea how their information was accessed.
The May 2003 CALPIRG study on police
and identity theft lists the top sources of identity fraud:
Stolen or lost wallets
Internet Fraud (hacking, false web sites,
p2p file sharing ñ email vulnerabilities)
Phone Scams with
Unethical Use of Public Documents ñ
11. Medical Cards and
Information Sold By Financial Institutions
hearing is focusing on the Peer-to-Peer file sharing vulnerabilities,
and the potential of revealing sensitive information on our computers.
I suggest the following 10 identity theft protections for computer
ANY PROGRAM BEFORE INSTALLING IT
HOW TO SAFELY STOP SHARING YOUR FILES AND HOW TO BLOCK UNWANTED FILES
FROM ENTERING YOUR COMPUTER.
POSSIBLE, WHEN USING PEER-TO-PEER FILE SHARING AND THE INTERNET, USE A
COMPUTER THAT DOESNíT STORE PERSONAL INFORMATION ON IT.
PROTECT AND ENCRYPT YOUR SENSITIVE FILES,
PUT ANY CONFIDENTIAL INFORMATION IN YOUR E-MAILS UNLESS THEY ARE
CONSCIOUS ABOUT WHAT INFORMATION YOU SHARE IN YOUR FILES, AT WEBSITES,
IN CHAT ROOMS AND IN E-MAIL.
THE PRIVACY POLICIES OF THE WEBSITES YOU DEAL WITH.
8. MAKE SURE YOU HAVE UPDATED VIRUS PROTECTION ON
9. USE A
HARDWARE FIREWALL WHENEVER POSSIBLE.