Tag Archives: Federal Trade Commission

Top Ten Background Check Trends for 2013 Released by Employment Screening Resources

Nationwide accredited background check firm Employment Screening Resources (ESR) has released its Sixth Annual ‘ESR Top Ten Background Check Trends for 2013’ featuring emerging and influential trends in the background screening industry selected by ESR Founder and CEO Attorney Lester Rosen. For 2013, the focus on accuracy of background check report information and the greater scrutiny of the screening industry was chosen as the number one trend. The Sixth Annual ‘ESR Top Ten Background Check Trends for 2013’ is available at http://www.esrcheck.com/Top-Ten-Background-Check-Trends-for-2013.php. Continue reading

Top 20 Stories for Background Check Screening for 2012 from Employment Screening Resources

For the last day of the year, nationwide accredited background check provider Employment Screening Resources (ESR)http://www.esrcheck.com – has chosen the following ‘Top 20 Stories for Background Check Screening for 2012’ from the ESR News blog at http://www.esrcheck.com/wordpress/. Here are the top 20 stories for 2012 from ESR in order of the date posted: Continue reading

Federal Trade Commission to Study Collection and Use of Consumer Information by Data Brokers

In an effort to study privacy practices in the data broker industry, the Federal Trade Commission (FTC) has voted 5-0 to issue orders requiring nine data brokers – companies that collect, analyze, and sell personal information of consumers – to reveal how they gather and use data about consumers, according to an FTC news release available at http://www.ftc.gov/opa/2012/12/databrokers.shtm. Continue reading

Government Increases Action Against Consumer Reporting Agencies Using Background Checks in Violation of FCRA

The Federal Trade Commission (FTC) recently submitted written testimony to the U.S. Commission on Civil Rights summarizing the Fair Credit Reporting Act (FCRA) requirements that relate to the use of consumer reports in employment in protecting the rights of job applicants and employees under the FCRA, according to a news release available at http://www.ftc.gov/opa/2012/12/fcra.shtm.  The FTC testimony on the FCRA – which promotes the accuracy, fairness, and privacy of information from Consumer Reporting Agencies (CRAs) – is an example of the trend of the government increasing action against CRAs violating the law. This is Trend Number 9 of the 6th Annual ‘ESR Top Ten Background Check Trends for 2013’ available at http://www.esrcheck.com/Top-Ten-Background-Check-Trends-for-2013.php. Continue reading

Statistical Analysis of Online Ads for Internet Data Broker Website Uncovers Possible Racial Profiling

A Harvard University professor who ran a statistical analysis of online ads used by an Internet data broker website that suggested certain names may have arrest records uncovered what she described as possible racial profiling when she found the company’s advertising “disproportionately” used the word “arrested” for black-identifying names even when a person had no arrest record, according to the Huffington Post. The story is available at http://www.huffingtonpost.com/2012/11/25/racial-profiling-online-ads_n_2186409.html. Continue reading

FTC Offers Child Identity Theft Prevention Tips for Parents to Protect Personal Information of Kids at School

Just in time for the beginning of a new school year, which usually requires parents to fill out paperwork such as registration forms and emergency contact information, the Federal Trade Commission (FTC) offers child identity theft prevention tips in the blog ‘Protecting Your Child’s Personal Information at School’ to let parents know that many school forms containing the personal and sensitive information of their children could be used to commit fraud in their child’s name if the information falls into the wrong hands. To read the blog, visit: https://www.consumer.ftc.gov/blog/protecting-your-childs-personal-information-school. Continue reading

FTC Fines Data Broker Spokeo 800000 Dollars to Settle Charges of Violating Fair Credit Reporting Act

In the first Federal Trade Commission (FTC) case to address the sale of Internet and social media data in the employment screening context, Spokeo, Inc. – a data broker that compiles and sells detailed information profiles on millions of consumers – has agreed to pay a $800,000 fine to settle FTC charges that the company marketed profiles to companies in the human resources, background screening, and recruiting industries without taking steps to protect consumers required under the Fair Credit Reporting Act (FCRA), according to a press release at http://www.ftc.gov/opa/2012/06/spokeo.shtm. Continue reading

Federal Trade Commission Issues Staff Report on Fair Credit Reporting Act Controlling Employment Background Checks

The Federal Trade Commission (FTC) has issued a staff report that compiles and updates the agency’s guidance on the Fair Credit Reporting Act (FCRA), the 1970 law designed to protect the privacy of credit report information and ensure that the information supplied by credit reporting agencies (CRAs) is as accurate as possible. The July 2011 report, “Forty Years of Experience with the Fair Credit Reporting Act: An FTC Staff Report and Summary of Interpretations,” provides a brief overview of the FTC’s role in enforcing and interpreting the FCRA, includes a section-by-section summary of the agency’s interpretations of the Act, and also withdraws the agency’s 1990 Commentary on the FCRA, which has become partially obsolete since it was issued 21 years ago. Continue reading

Identity Theft Tops Federal Trade Commission List of Top Consumer Complaints in 2010

A list of top consumer complaints received in 2010 by the Federal Trade Commission (FTC), the nation’s consumer protection agency, showed that identity theft was the number one consumer complaint category for the 11th year in a row, with 250,854 – or 19 percent – of the 1,339,265 complaints received by the FTC related to identity theft. Continue reading

Three Credit Report Resellers Settle FTC Charges for Not Protecting Personal Information of Consumers

By Lester Rosen, Employment Screening Resources (ESR) President & Thomas Ahearn, ESR News Editor

In the Federal Trade Commission’s (FTC) first cases against credit report resellers for the data security failures of their clients, three companies that resell credit reports of consumers have agreed to settle FTC charges that they did not take reasonable steps to protect personal information of consumers and allowed computer hackers to access that personal information, according to a recent news release from the FTC.

Administrative complaints issued by the FTC showed the three credit report resellers bought credit reports from the three nationwide consumer reporting agencies – Equifax, Experian, and TransUnion – and added them to reports to sell to determine eligibility for credit of consumers. Because these three resellers allegedly allowed clients to access these reports without basic security measures such as firewalls and updated antivirus software, hackers accessed more than 1,800 credit reports without authorization through the computer networks of clients. The three credit report resellers also allegedly did not make reasonable efforts to protect against future security even after becoming aware of these data breaches.

The three credit report resellers are charged with violating the Fair Credit Reporting Act (FCRA) by:

  • Failing to protect their internet portals and thereby furnishing credit reports to hackers who lacked a permissible purpose to have them,
  • Failing to maintain reasonable procedures to limit the furnishing of credit reports for such purposes, and
  • Furnishing credit reports when they had reasonable grounds for believing the reports would not be used for a permissible purpose.

The failure of the three credit report resellers to protect personal information of consumers also allegedly violated the FCRA. In addition, the credit report resellers allegedly violated the Gramm-Leach-Bliley Safeguards Rule by failing to:

  • Design and implement information safeguards to control the risks to consumer information;
  • Regularly test or monitor the effectiveness of their controls and procedures; to evaluate and adjust their information security programs in light of known or identified risks; and
  • Have comprehensive information security programs.

The proposed settlement, part of the ongoing campaign of the FTC to protect the personal information of consumers, would require the three credit report resellers to:

  • Have comprehensive information security programs designed to protect the security, confidentiality, and integrity of the personal information of consumers, including information accessible to clients;
  • Obtain independent audits of their security programs, every other year for 20 years;
  • Furnish credit reports only to those with a permissible purpose; and
  • Maintain reasonable procedures to limit the furnishing of credit reports to those with a permissible purpose.

These cases show that the FTC will call for imposition of civil penalties against resellers of consumer reports who do not take adequate measures to fulfill their obligations to protect information contained in consumer reports as required by the FCRA. These cases also send a strong message that companies giving their clients online access to sensitive information of consumers must have reasonable procedures to secure that information.

Consumer protection through data security makes up a critical part of the National Association of Professional Background Screeners (NAPBS) accreditation process. Since its founding in 2003, the NAPBS has believed that there is a strong need for a singular cohesive industry standard and created the Background Screening Agency Accreditation Program (BSAAP). Governed by a strict professional standard composed of requirements and measurements, the BSAAP is becoming a widely recognized seal of approval that brings national recognition to background screening organizations – also referred to as Consumer Reporting Agencies (CRAs) – that will stand as the industry “seal” representing a background screening organization’s commitment to excellence, accountability, high professional standards, and continued improvement.

The NAPBS Background Screening Credentialing Council (BSCC) oversees the application process and is the governing accreditation body that will ensure the background screening organizations seeking accreditation meet or exceed a measurable standard of competence. To become accredited, a CRA must pass an onsite audit of its policies and procedures as they relate to six critical areas of the BSAAP:

  • ‘Section 1: Consumer Protection’ includes standards for: Information Security Policy; Data Security; Intrusion, Detection and Response; Stored Data Security; Password Protocol; Electronic Access Control; Physical Security; Consumer Information Privacy Policy; Unauthorized Browsing; Record Destruction; Consumer Disputes; Sensitive Data Masking; and Database Criminal Records.
  • ‘Section 2: Legal Compliance’ includes standards for: Designated Compliance Person(s); State Consumer Reporting Laws; Driver Privacy Protection Act (DPPA); State Implemented DPPA Compliance; Integrity; Prescribed Notices; and Certification from Client.
  • ‘Section 3: Client Education’ includes standards for: Client Legal Responsibilities; Client Required Documents; Truth in Advertising; Adverse Action; Legal Counsel; Understanding Consumer Reports; and Information Protection.
  • ‘Section 4: Product Standards’ includes standards for: Public Record Researcher Agreement; Vetting Requirement; Public Record Researcher Certification; Errors and Omissions Coverage; Information Security; Auditing Procedures; Identification Confirmation; and Jurisdictional Knowledge.
  • ‘Section 5: Service Standards’ includes standards for: Verification Accuracy; Current Employment; Diploma Mills; Procedural Disclosures; Verification Databases; Use of Stored Data; Documentation of Verification Attempts; Outsourced Verification Services; Conflicting Data; Professional Conduct; and Authorized Recipient.
  • ‘Section 6: General Business Practices’ includes standards for: Character; Insurance; Client Credentialing; Vendor Credentialing; Consumer Credentialing; Document Management; Employee Certification; Worker Training; Visitor Security; Employee Criminal History; Quality Assurance; and Certification.

Employment Screening Resources (ESR) is formally recognized as accredited by the National Association of Professional Background Screeners (NAPBS) Background Screening Credentialing Council (BSCC) for successfully proving compliance with the Background Screening Agency Accreditation Program (BSAAP). For more information, visit Employment Screening Resources (ESR) at http://www.ESRcheck.com

Source:
http://ftc.gov/opa/2011/02/settlement.shtm