|
|
|
|
| The Basics | The top 10 states for privacy protection
|
Many states are way ahead of Uncle Sam, putting the power to say yes or no back in your hands and forcing businesses to guard your personal information.
By Liz Pulliam Weston
The federal government is doing a pretty half-hearted job in the area of privacy protection. Some states, though, are picking up the slack.
Alarmed by companies that sell personal data, aid identity theft and snoop into personal lives, these states have passed laws or beefed up regulatory privacy protection.
California, in particular, has some of the toughest privacy protection laws in the nation -- a concern for its residents that boosted it to the top of Privacy Journals list of 10 best states. (Publisher Robert Ellis Smith also lists Connecticut, Florida, Hawaii, Illinois, Massachusetts, Minnesota, New York, Washington and Wisconsin among the top states.)
Others, such as Alaska, Rhode Island and Vermont, have passed innovative laws or otherwise made significant strides toward the protection of residents privacy, Smith said.
Now, it should be noted that the feds have gotten a few things right. Uncle Sam does a pretty good job safeguarding the personal information in its own files, says Smith, and it has enacted other protections, including:
- The national "Do Not Call" list. This wildly popular registry allows consumers to prevent most telemarketing calls.
- Medical record protections. The first federal medical privacy protections, which ensure patients rights to view their own files and prevent certain disclosures to others, took effect in 2003.
- Opt-out requirements. Under the Gramm-Leach-Bliley Act of 1999, financial institutions must give consumers the chance to prevent the release, sale or sharing of certain personal data.
(For more information on these topics, see the links at left under Related Sites.)
For the most part, though, Congress has a tough time resisting businesses that want access to you and your information. The real action in privacy protection is happening at the state level.
Here are some of the rules that the feds and everyones state lawmakers should consider:
Protecting your personal information
The federal opt out regulations force consumers to take action if they dont want the company to sell or share information about them. In Vermont, California, New Mexico and North Dakota, however, the tables are turned: Businesses have to get consumers permission to share their data.
This opt in status drives the big financial companies absolutely nuts, and they spend lots of money to defeat similar laws in other states. The companies warn that residents of opt-in states either:
- will be left out of money-saving offers and other discounts, because businesses wont trouble to adapt their customer service systems, or
- will be blanketed with junk mail and cold calls, because businesses wont be able to customize their marketing lists.
There doesnt seem to be much evidence that residents in opt-in states are suffering. But if they are, passage of these laws in other states will surely convince businesses that they need to adapt rather than fight the change.
Freezing your credit
Identity-theft victims nationwide can put fraud alerts on their credit reports to notify potential lenders that someone may be illegally applying for credit in their names. Unfortunately, some lenders ignore these alerts.
California now allows its residents to freeze their credit reports -- essentially preventing lenders from accessing the files and granting credit. Consumers who take this step are given a special password to unfreeze the accounts when they want to apply for new loans or credit cards.
Credit bureaus must provide the service for free to ID theft victims. Other Californians can freeze their reports for a fee that ranges from $12 to $60, depending on the credit bureau.
Making Social Security numbers off-limits
The same California law that created the credit freeze also restricts how businesses can use Social Security numbers. (These numbers and your name are often all an identity thief needs to start getting bogus credit.)
The law prohibits businesses from:
- Posting or publicly displaying Social Security numbers.
- Printing them on ID cards.
- Printing them on any materials mailed to customers unless a number is required by law or the document is an application or form.
- Requiring people to transmit their numbers over an Internet connection that isnt secure, unless the number is encrypted.
- Requiring people to use their numbers to log onto a Web site unless a password is also required or some other authentication device is used.
Businesses typically must comply with the law for all new customers and transactions, although their current customers must be given the option of having the restrictions apply if they choose. Health care and insurance companies have until July 1, 2005, to comply with the law for all of their customers.
Deterring Dumpster divers
You can use a shredder at home to keep criminals from accessing your personal financial files. But, in most states, you have little control over what businesses do with your records once theyre finished with them.
In Georgia and California, businesses are prohibited from discarding records containing personal information without shredding, erasing or modifying the documents to make the sensitive data unreadable. In Wisconsin, financial institutions, tax preparers and companies with medical information must obliterate or shred documents with Social Security or credit card numbers on them.
Publicizing computer break-ins
This California law may protect consumers well beyond its borders.
The law technically requires companies to alert only their California customers if hackers or employees steal information that could be used for identity theft. Because the law covers companies in and out of state, however, privacy experts are convinced that more companies will start reporting hacking incidents to all their customers. Even if they dont, California residents certainly can tip off the media to big break-ins.
Fearing bad publicity, companies are likely to beef up their security measures so they wont have such incidents in the first place. The law allows companies to keep break-ins to themselves if the data the hacker accessed was encrypted.
Protecting your reading, watching and listening habits
Regardless of whether youve got something to hide, the idea that someone could snoop through your summer reading list or see what youve rented from Blockbuster should make you a little queasy.
While many states make library records confidential, the protection can have loopholes. Rhode Island, however, spells out clearly that borrowers library records are not public records. Furthermore, its against Rhode Island law to reveal names and addresses with titles of videos or other media borrowed or purchased from a library, book store or rental shop.
Granting a constitutional right to privacy
The Bill of Rights protects many of the liberties that many Americans take for granted, but it says nothing directly about a right to privacy. At least 12 states, though, thought the right was important enough to codify it in their own constitutions. That makes it easier for courts in those states to side with consumers when privacy issues arise.
The states that have some constitutional privacy protection include Alaska, Arizona, California, Florida, Hawaii, Illinois, Louisiana, Montana, New York, Pennsylvania, South Carolina and Washington.
Alaskas Article 1, section 22 puts it succinctly: The right of the people to privacy is recognized and shall not be infringed.
|
|
|
|
