The Cost of Identity Theft: Who Pays?
The answer: Right now………you do!!
One of the missing links in the legislation proposed in the fight for identity theft protection, is about responsibility. There is much argument and nashing of teeth over notification procedures for when data is compromised. Fine! That is a problem and it should be addressed by any legislative proposal Congress considers.
The one area of responsibility that I don’t see addressed or read any commentary on is about creditors, lenders and banks’ responsibility when their lack of precaution and/or security costs the identity theft victim lost of funds. Credit card companies offer their customers limited liability exposure if their credit card is used fraudulently. But, if the card fraudulently used happens to be your debit card, the bank issuing the card does not.
As I’ve reported previously, it’s costing Americans $5 billion dollars a year in out-of-pocket expenses. Since credit card companies have limits on liability to their customers if their account is accessed and used fraudulently, that number is significantly lower than it would be otherwise. What is not being addressed directly is the financial burden that victims are required to absorb if the theft involves their debit card or bank accounts.
One of the lastest strategies for stealing personal data is for identity thieves to place themselves, with the appropriate receiving equipment, near a store that uses wireless internet connections for credit transactions. The thieves then collect the credit/debit information from the store’s purchase transactions and use it fraudulently. If your credit card data is stolen and used by thieves, you are usually only responsible for up to $50 of any debt incurred. If it’s your debit card and the thieves empty your bank account, you’re in trouble.
Banks currently don’t accept any responsibility for account funds that are tapped fraudulently. The result…..you could discover that you suddenly have no money in the bank and your bill payments, checks, etc. are bouncing like rubber balls.
And, it doesn’t end there, you also get stuck with all the late fees, bank penalties, overdraft charges and returned check expenses. Most people DO NOT UNDERSTAND that financial institutions spend MILLIONS of dollars ever year lobbying to blunt legislation that would make them legally liable for compromising the security of their customers’ accounts.
I’ve read numerous articles surrounding the legislation Congress is currently reviewing. They argue about consumer notification, encryption exemptions, credit freezing, instant credit, etc. Consumer advocacy groups argue with those elements, often within Congress itself, that are hostile to consumer protection, most frequently mentioned are the Senate Banking Committee and the House Financial Services Committee. Both of these committees oversee banks and other financial institutions, yet, they are reported as being “hostile toward consumer protection”.?!?
Banks, like any other creditor, collect, maintains and trafficks in consumer data. They often create the broadest exposure risk to consumers and, yet, they bear little to no responsibility for the cost to their customers if accounts are tapped by identity thieves. If a thief walks into the bank and robs it, customer accounts are protected………so does it make sense that if the thief accesses the bank fraudulently with a stolen identity that they’re off responsibility hook?
This leads back to what I’ve said before, until the responsibility impacts the pocketbook of those creating consumer exposure, whether it’s through lack of encryption, lack of appropriate systems, unscrupulous employees, or just general carelessness, the risk for each of us will continue to grow……………….and you just might be next!