ChoicePoint: BlurBy John McCormick | Posted 2005-06-14 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Steven Calderon was into his second week working as a security guard for Fry's Electronics when Anaheim, Calif., police walked in and arrested him. Fry's had requested a background check on Calderon, which was done by The Screening Network, a service of C
Among his alleged crimes: child molestation and rape.
Calderon tried to protest his innocence.
He told his captors that his Social Security number and birth certificate had been stolen nine years before. He told them that they could look up his file.
He had reported the theft to the Los Angeles County Sheriff's Station in Norwalk, Calif., 15 miles up Interstate 5.
He asked the Anaheim Police Department to check his fingerprints. Instead, his hands were put in cuffs.
He was taken to a back room. The file that got checked was ... his wallet. Sure, his driver's license listed him as three inches shorter and 15 pounds lighter than the man described on the arrest warrant. But he was Hispanic, and he had the right name and birth date.
Calderon spent the next week in jail—for crimes he didn't commit.
How did he end up in this mess?
A Fry's manager, Tyra Fizel, had requested a background check when Calderon was being hired. The criminal warrants came in a report provided by The Screening Network, a service of ChoicePoint, the $1 billion-a-year data broker based in Alpharetta, Ga. When she saw the felony charges, she called the police.
But no one—not Fizel, not Fry's, not the police—stopped to ask if the data ChoicePoint supplied was accurate. If they had, they might have found out that he was, indeed, an innocent man. Calderon's identity theft report, which he made in Norwalk, Calif., in 1993, wasn't connected with the criminal files that were created in his name.
ChoicePoint, since its Feb. 15 admission that it was fooled into selling personal information on 35,000 Californians to fake businesses set up by Nigerian criminals—and its admission two days later that it really sold information on 145,000 people—has become the poster child for problems in keeping corporate data secure.
Several class-action lawsuits have been filed in the wake of the February security snafu, both by ChoicePoint shareholders and by people whose information ChoicePoint may have sold.
Government bodies—from Congress, to the Federal Trade Commission, to a group of state attorneys general—are in the midst of investigating ChoicePoint for violation of laws regarding the security of information held about consumers by for-profit companies.
Not Just Security, But Accuracy 'Serious' Errors Are Common Data Customers Pay the Costs Collecting Data Without Garbage Filters Records 'Full of Inaccuracies' Crap In, Crap Out Fix It Yourself No Way to Check ChoicePoint Data at a Glance