The federal agency responsible for consumer protection is planning a public workshop to discuss authentication, and soon hopes to draft a civil rule requiring companies to spot warning signs of identity theft, its leader said Wednesday.
Deborah Platt Majoras, chairwoman of the Federal Trade Commission (FTC) since 2004 and herself a victim of identity theft, said the initiatives are part of the agency's overall plan to protect consumers from shoddy data protection practices. She spoke Wednesday at RSA Conference 2007 in San Francisco.
The FTC will soon publish a Federal Register Notice to announce a public forum where financial organizations can chime in on multi-factor authentication, she said. Federal Financial Institution Examination Council (FFIEC) guidance, which took effect at the end of last year, has called for institutions to add new levels of authentication.
In addition, the agency expects to enact an identity theft "red flags" rule that would force organizations to discover system holes that could lead to compromised information.
Meanwhile, the newly formed, president-ordered Identity Theft Task Force, of which Majoras is co-chair, is discussing ways to limit the value of the Social Security number, said Marc Groman, the FTC's chief privacy officer.
"We want to make PII [personally identifiable information] less valuable so it's that much more difficult to use," he said following Majoras' speech.
But Groman cautioned against unintended consequences, saying the Social Security number has real value to the nation's economy.
The talk by Majoras — whose personal information was compromised when thieves hacked into Designer Shoes Warehouse's systems in 2004 and 2005 — coincides with National Consumer Protection Week. The FCC announced Wednesday that identity theft complaints accounted for 36 percent of the 674,000 complaints it received last year.
Click here to email reporter Dan Kaplan.