FTC imposes record fine on ChoicePoint in data-loss case

[JURIST] The US Federal Trade Commission (FTC) [official website] announced [FTC press release] Thursday that ChoicePoint [corporate website] will be required to pay $10 million in civil penalties and $5 million to customers affected by last year's identity theft incident [JURIST report] as a result of making false and misleading statements to consumers regarding their information safety policies. The FTC charged ChoicePoint with violating the Fair Credit Reporting Act [text] by misrepresenting the security of their information database. As a result of a security weakness in the ChoicePoint database, hackers gained access to the personal information of over 163,000 ChoicePoint customers, leading to at least 5,000 cases of identity theft. The settlement obligates ChoicePoint to conduct comprehensive background checks for every business requesting access to the database, to establish and maintain a more effective information security system, and requires that outside security professionals audit the system every year until 2026. Read the complaint [PDF text] and the final judgement and order [PDF text]. CNET has more.

 

About Paper Chase

Paper Chase is JURIST's real-time legal news service, powered by a team of 30 law student reporters and editors led by law professor Bernard Hibbitts at the University of Pittsburgh School of Law. As an educational service, Paper Chase is dedicated to presenting important legal news and materials rapidly, objectively and intelligibly in an accessible format.

© Copyright JURIST Legal News and Research Services, Inc., 2013.