PRC's Privacy Tips

DECEMBER 2006:

Privacy Resolutions: Make 2007 Prosperous and Private!

We at the PRC wish you a happy, prosperous and private new year. For 2007, resolve to do what you can to guard against identity theft and stop unwanted intrusions via your mailbox, telephone, or fax machine. When it comes to privacy, there are no guarantees. But the following resolutions are a good way to start off the new year.

Check your credit reports. You are entitled to a free report from all three national credit bureaus once every 12 months. If you ordered your reports in 2006, mark your calendar for the appropriate month in 2007. For more information, see the Federal Trade Commission's Facts for Consumers at www.ftc.gov/bcp/conline/pubs/credit/freereports.htm.
Review credit card and bank account statements frequently. Online access to your accounts means you don’t have to wait for the statements to come in the mail. If you do access your accounts online, be sure to use your home computer rather than one open to public access such as found at Internet cafes.

DECEMBER 2006:

Contact the FTC: Speak Out about Pre-Recorded Telemarketing Calls

Did you put your telephone number on the national Do-Not-Call Registry (DNC), but still get sales calls from companies you’ve never heard of? Quite likely many unwanted sales calls you get today are not made by a live person. Instead many companies use auto-dialers, programmed to start a recorded message the minute you answer the phone. But, the calls that probably really get your dander up are the “dead air” calls, when you run to catch the phone but are met with silence.

Even if you signed up for DNC list, FTC rules allow companies that claim an “established business relationship” (EBR) to still call you. You have an EBR, the FTC says, if you purchased something within the previous 18 months or even inquired about a product or service within the previous three months. With a claimed EBR, a company can still call you, but the FTC did not say the company could leave a prerecorded message. And, the FTC rules still allow a percentage of “dead air” calls

SEPTEMBER 2006:

Your Cell Phone Can Continue Talking Even After You Get Rid of It

It may not seem like common sense to clean your trash before you throw it away, but with technology that is exactly what you should do.

Before you sell, donate or trash your cell phone, make sure that your personal information has been permanently deleted. For most phones, this means more than resetting the phone. Although resetting the phone may appear to delete your information, recent reports suggest that software programs can retrieve the information if it was not properly deleted.

To properly delete your personal information you need to follow the steps listed in your phone manual for “safely deleting” or “permanently deleting”. The instructions often involve complicated or repetitious key strokes. If you are not confident that the instructions offer the type of security you are looking for, call your phone company and ask about their data deletion procedures.

JUNE 2006:

Tips on Compiling Your Own Health Records -- with Words of Caution on Storing Them Online

Like most people, you've probably moved many times during your life. Settling in to any new community usually means establishing a relationship with a new doctor, dentist or other health care provider. Over time, it's easy to forget when you were treated, by whom ó even for what. Even if you've stayed in one place, it's still likely you've received medical care from various providers over time.

There is no one place you can go to get your complete medical history. Each healthcare provider you see keeps his or her own files detailing your visits and treatment. The same is true for hospital stays, physical therapy, laboratories, dentists, optometrists, chiropractors, pharmacies and so on. Only you are in the position to pull all the records together to compile your complete medical history.

If you don't already keep a personal health record, now is the best time to start. Do not rely on your ability to go back in time to collate a complete medical file. The longer you wait, the more difficulty you may have in obtaining older health records.

Looking for reasons to order your medical records soon after you are treated?

MAY 2006:

Planning a Summer Vacation? Be a Privacy-Smart Traveler

When you go on vacation, your risk of exposure to fraud and identity theft may increase. A few minutes of planning before you travel can help reduce the risk that a fraudster will ruin your vacation. Here are some tips to help you avoid any nasty surprises:

--Clean out your wallet. Remove unnecessary credit cards, your Social Security card, and other unneeded documents that could compromise your identity if lost or stolen while on vacation.

--Photocopy or make a list of the remaining contents of your wallet. Keep it in a secure and locked location or with a trusted individual at home whom you can contact in case your wallet is lost or stolen.

--Do not leave your wallet or any documents containing personal information in your hotel room unattended. Use a hotel safe when available.

--Use traveler's checks or credit cards for payment. Leave your checkbook in a secure locked place at home.

Time for Spring Cleaning

Whether you're an individual, a property owner with a tenant, a family with a nanny or a small business, now that spring has sprung and tax time is behind you, it's a great time to properly dispose of those documents you no longer need cluttering up your files.

Under existing Federal law, you may be required to properly dispose of documents that contain personal information. And California law requires the shredding of certain documents. The IRS has guidelines in terms of how long you should keep a copy of your taxes. Once you make the determination they're no longer needed, how should you go about disposing of them and any credit card receipts, monthly statements, credit report of a prospective nanny or tenant, electronic media or other unnecessary correspondence?

If you have a large number of documents to dispose, check with the National Association for Information Destruction's listing of large-scale and mobile operations and double check any company with the Better Business Bureau.

Home shredders can be purchased in many office supply stores. You should look for a cross-cut shredder. Consumer Report and other online rating services provide comparisons and ratings of various shredders available on the market.

APRIL 2006:

Keep Junk Mail Out of Your Mailbox: Renew Your Opt Out Request with the Mail Preference Service

Your mail box is suddenly overflowing with junk mail, yet you clearly remember signing up for the Direct Marketing Association's (DMA's) Mail Preference Service some time ago? A little-known aspect of the free opt-out service is that it only lasts for 5 years. Once you've signed up, you need to re-register every 5 years.

You and all adults in your household can resubscribe for the cost of a stamp by using the PRC's Mail Preference Service opt out letter. You can also opt out using the DMA's online service for $5.

And, the DMA gives family members, friends, and caretakers the ability to register the names of deceased loved ones through the Deceased Do Not Contact list (DDNC). Go to the DMA's web site in order to register the deceased individual. There is a $1 credit card verification fee to complete the registration.

MARCH 2006:

IRS Warns of Phishing Email Scam

When your mother told you, ìIf it sounds too good to be true, it usually is,î she was right. Many people have received an email purporting to be from the IRS saying that the government owes them a tax refund. Promising hundreds of dollars, the email directs recipients to a website that collects Social Security numbers and credit card information.

ìPhishingî scams operate by directing people to websites that are designed to look official and requesting personal information such as account numbers or Social Security numbers. With tax season upon us, beware of scams like the following that invoke the authority of the IRS: The email comes from taxrefunds@irs.gov and when the recipient clicks on the link or types in the address to receive the refund they are quickly bounced from the actual IRS site to a phony one. This happens too quickly for the average computer user to even notice what happened.

The IRS has assured consumers that it does NOT ask for personal information in unsolicited emails. Taxpayers can contact the IRS at 1-800-829-1040 to find out whether the agency is trying to contact them about a refund. The full IRS warning is available at www.irs.gov/newsroom/article/0,,id=151065,00.html

For more information on phishing scams, see the PRC alert available at www.privacyrights.org/ar/phishing.htm

Privacy Tips for Tax Season

You may be resigned to giving the government your money this tax season, but watch out for fraudsters looking for a piece of the action. Your tax forms contain sensitive information, including your Social Security number.

This tax season offers consumers a number of methods for completing their returns. Taxpayers have a choice of filing by mail or electronically. Consumers may use personal software, professional services, or old-fashioned pencil and paper. Either way you can bet there is a fraudster ready with a scam. The following tips can help protect your privacy:

More than 50% of people will file their returns over the Internet, according to the IRS. Before using your computer to transmit your return, check your computer for spyware. The Federal Trade Commission offers information and resources for keeping your computer secure available at: http://onguardonline.gov/index.html
If filing by postal mail, send the mail from a secure location, preferably before the last scheduled pickup time. Never leave mail in your home mailbox for pickup by your letter carrier.
When throwing out old records that are no longer needed for tax filing (after the IRS record retention period expires), be sure to shred anything containing personal info. Home shredders can be purchased in many office supply stores. We recommend cross-cut shredders.

<more>

FEBRUARY 2006:

Know the Risks of Using Debit Cards

Debit cards don't carry the same legal protection as credit cards. Federal law limits your liability on a debit card to $50, but only if you notify your financial institution within two business days of discovery of the theft. If you wait longer than 60 days after your bank statement was mailed, you could lose all the money in your checking account.

We at the PRC have been contacted by many identity theft victims who have experienced debit card fraud. While their banks eventually replenished the stolen funds from their checking accounts, many were without access for several weeks while the bank conducted its investigation. In the meantime, they were caught short, unable to pay their bills.

Our advice: Only use a debit card that requires you to input a PIN number. Use a true credit card for noncash purchases. And never use a debit card for online purchases. Monitor your monthly bank and credit card accounts diligently. Review them shortly after they arrive. And know when they are expected in the mail. If you don't get your monthly account statement on the usual date, notify the company immediately.

Concerned about someone accessing your cell phone records? The PRC provides tips to protect them such as:

Contact your cell phone carrier and request that call details be removed from your bills.
Place a password on the account. When selecting a password, do not use commonly known information, such as your birthdate, mother's maiden name, or numbers from your driver's license or Social Security number. Do not reuse the same password for other sites. The best password has at least eight characters and includes numbers and letters.
Instruct the phone carrier not to provide password reminders. If you forget your password, you will need to visit your local store to show identification.
Instruct the carrier to deactivate online access to your account. One of the methods apparently used by online information brokers to obtain cell phone records is to take advantage of online account access that customers have not themselves activated.

<more>

JANUARY 2006:

For the New Year, Resolve to Check Yourself Out

During the coming year creditors, insurance companies, banks, employers, among others will likely run your name through databases containing a wealth of personal information.

Errors ñ perhaps introduced by an identity thief or from file-mingling -- can trip you up when applying for a credit card or loan, job opportunities, a place to live, insurance, and much more. One resolution you should keep in 2006 is to check that the information in these databases is correct.

We recommend that at the very least, you should check yourself out in the following areas:

Credit history
Medical Information
Bank account history
Insurance claims
Public records
Search engines

<more>

DECEMBER 2005:

Online Shopping Tips for the Holidays

The holidays can be rife with scams and scam artists, especially as more shoppers turn to the Internet to purchase gifts. Whether identity thieves trying to obtain your credit and debit card information, pleas for bogus year-end donations to charities, or emails pitching the perfect holiday gift, how do you protect yourself from holiday scams?

Before you dive into your holiday shopping, take a look at the following resources assembled by the PRC to assist you:

Online Shopping Tips from the Privacy Rights Clearinghouse
www.privacyrights.org/fs/fs23-shopping.htm
Better Business Bureau's holiday shopping tips
www.bbb.org/alerts/cybershop.asp
Federal Trade Commission's online shopping advice
www.ftc.gov/bcp/conline/pubs/alerts/glblalrt.htm
Looks Too Good to Be True website with scam-fighting tips
www.lookstoogoodtobetrue.com
Onguard Online ñ advice on identity theft, phishing, spyware, spam, online shopping and more
www.onguardonline.gov
Safe Shopping tips from the American Bar Association
www.safeshopping.org
Direct Marketing Association's site of member merchants who comply with the federal "Mail or Telephone Order Merchandise Rule" that requires, for example, deliveries in 30 days
www.shopthenet.org
Useful websites for evaluating legitimate charities
www.charitynavigator.org
www.give.org/reports/index.asp
www.caag.state.ca.us/charities/index.htm

OCTOBER 2005:

Learn How to Protect Yourself Online

The Federal Trade Commission has recently launched a new web site, http://onguardonline.gov/, with tips on ways to safeguard yourself when you are online. OnguardOnline is a partnership between the FTC, other federal agencies, and the technology industry. The site offers advice on identity theft, phishing, spyware, spam, online shopping, P2P file sharing, and VOIP. It's available in English and Spanish.

Learn how you can guard against Internet fraud, secure your computer, and protect your personal information. And if you need to file a complaint, the site gives instructions. It provides videos, tutorials, and interactive programs on viruses and worms, spam filters, security tools, and more. If you're an educator or in a position to distribute educational materials to others, you can order free brochures in bulk titled "Stop - Think - Click."

SEPTEMBER 2005:

It's Back-to-School Time: Parents, Do You Know Where Your Child's School Records Are?

The PRC advises parents to pay close attention to documents and forms that students bring home from school. Among them is likely to be an opt-out form regarding the disclosure of students' education records.

Under federal law, the Family Educational Rights and Privacy Act (FERPA), public schools can release what's known as "directory information" to third parties without the express consent of parents. It can include the student's name, address, phone number, and date of birth, among other things.

For more information about the opt-out disclosure required under FERPA and for military recruitment efforts under the federal No Child Left Behind Act, click here.

AUGUST 2005:

PRC Warns about Online Check-Issuing Service

In a consumer alert, the PRC warns individuals to pay close attention to their checking accounts, which may be the latest target of identity thieves. Qchex.com, a San Diego-based company, allows its customers to create and print
checks online without verifying the account holder's identity, according to its Terms of Use.

The Federal Deposit Insurance Corporation (FDIC) has warned banks to watch for checks created by Qchex as some have been associated with fraud. Consumers that sell items in online auctions should be especially careful.

<more>

Still Receiving Junk Mail for a Deceased Loved One? Now There's a Solution.

The Direct Marketing Association now gives individuals the ability to register the names of deceased loved ones with a new service called the Deceased Do Not Contact list (DDNC).

The DMA initiated this service because it has often received requests from family members, friends, or caretakers seeking to remove the names of deceased individuals from marketing lists.

Go to the DMA's web site at https://preference.the-dma.org/cgi/ddnc.php in order to register the deceased individual. There is a $1 credit card verification fee to complete the registration in order to record those who are entering the names as well as to prevent fraudulent entries.

JULY 2005:

New Report Identifies Over 100 Imposter Domains and 233 Imposter Sites Interfering with Federally Mandated Free Credit Report Site.

In an update to it's previous report on accessing annual, free credit reports, the World Privacy Forum's (WPF's) surprising results indicate that imposter annual credit report sites have more than doubled to 233, and that some of these sites are showing up in search engine results, sometimes as paid listings that appear ahead of the official site.

The WPF calls for the credit bureaus and the FTC to take immediate action to clean up all of the imposter domains prior to the September 1 rollout to consumers in the Northeast.

The WPF advises consumers:

-When phoning the toll free number (877-322-8228) for a free credit report, ask that only the last four digits of your SSN be displayed when it is sent to you.

-If you use the toll free number above to access your free credit report, be aware that if you have a strong accent or a complex last name, the automated phone system may not work.

-If you call for your report or have it mailed to you, ensure that your credit report is mailed to a secure mailbox.

-Know that you are not required to give out your email address in order to obtain a federally mandated free credit report.

-If you order a free annual credit report online, take basic computer safety precautions. For example, ensure that your computer is virus-free and don't order your reports from a public computer or from work.

Click here for more information about the updated report.

JUNE 2005:

The Latest Security Breach, Affecting 40 Million Cardholders -- What Should You Do?

You have no doubt heard by now that on Friday June 16th MasterCard reported that a Tucson-based credit card transaction company, CardSystems, experienced a serious security breach in which the account data of 40 million cards had been compromised. Nearly 14 million of those cards were MasterCard-branded cards and 22 million were VISA cards. Other card brands were also affected.

Apparently the breach was discovered May 22nd. It appears that a hacker was able to insert a virus into the computer system that captured customer data.

What should you do? While this situation indeed represents a major security breach -- the largest of those we've tracked since the mid-February ChoicePoint breach -- we believe consumers should NOT at this time be cancelling card accounts as a preventive measure. It's best to wait for more information to emerge and for banks to contact their customers directly.

For more advice from the PRC about this latest security breach and what to do, click here.

MAY 2005:

What can you do about web sites like www.ZabaSearch.com that post or sell your personal information?

You may have come across various web sites that have your name, address, phone number, date of birth and other pieces of personal information you might not want available to everyone who has Internet access. Often, such sites get their data from public records and other sources.

What can you do about this unfettered distribution of personal information? First, the Federal Trade Commission needs to hear your concern and outrage about web sites that post your personal information.

The PRC also has a listing of how to opt out of such sites, but read the caveats first. And please provide us with feedback if you experience any problems opting out.

For more information about public records, see the PRC's Fact Sheet 11, From Cradle to Grave: Government Records and Your Privacy.

Bogus Email Claims Cell Phone Numbers Will be Released to Telemarketers

Like so many emails these days you can't believe everything that comes into your inbox. A recent example of some of the half truths contained in well-intentioned emails includes one that purports that cell phone numbers will be released to telemarketing companies and you will start to receive sale calls.

Read the PRC's Alert for the straight scoop on this and other urban email legends.

APRIL 2005:

With the April 15 tax filing date fast approaching, remember to shred outdated tax info. and watch out for tax scams.

As you file your taxes, remember to also properly dispose of any old tax documents that you no longer need to retain. It's best to hold on to tax returns for six to 10 years, but be sure that when you file your annual taxes, that you also shred any unneeded tax forms you've kept on file.

Also, according to the IRS, identity thieves are using taxes as an excuse to obtain personal information.

Last year the IRS shut down a "phishing" scheme in which perpetrators used e-mail to announce to unsuspecting taxpayers that they were "under audit" and could set matters right by divulging sensitive financial information on an official-looking Web site. Taxpayers should note the IRS does not use e-mail to contact them about issues related to their accounts.

For more tax scams you should avoid, see the IRS' Dirty Dozen.

MARCH 2005:

Is Your Wallet Leaving You at Risk for Identity Theft?

A stolen wallet or purse is still a primary way in which identity thieves get access to personal information including consumers' Social Security numbers (SSNs). Take a look through your wallet and remove any of the following:

-- Your HMO, insurance, or Medicare card that uses your SSN as your ID number.

--Your state-issued license or military ID that uses your SSN as your ID number.

-- Your paystub or student ID card that contains your SSN.

-- Your Soc. Security number card.

Only carry these items in your wallet on days when you need them. Make copies of any cards you want to carry in your wallet at all times and black out or cut out all or part of your SSN in case your wallet is every lost or stolen. And while you're at it, take out any credit cards you don't use on a daily basis.

Work with businesses, schools and employers to change their policy so that your SSN is not your ID number.

For more tips on minimizing your risk for identity theft, see the PRC's Fact Sheet 17.

Do You Need a Junk Mail Tune Up?

The Direct Marketing Association's (DMA's) Mail Preference Service is a one-stop shop for opting out of their members' mailing lists. Nationwide 'junk' mail senders are members including AOL if you want to stop receiving those pesky free tins and sweepstakes offers from Publishers' Clearinghouse among others.

And don't forget that if you've sent in a request to the DMA's Mail Preference Service, you will need to renew your request every five years.

To opt out of receiving junk mail from DMA members, use the PRC's form letter to opt out.

Another quick way to reduce junk mail sent to property owners is to opt out with Dataquick which aggregates public real estate records and sells the information to marketers. Dataquick's opt out number is (877) 970-9171.

For more information, see the PRC's fact sheet 4 on junk mail.

FEBRUARY 2005:

Does your employer or nonprofit where you volunteer have a robust online privacy policy and guidelines for information handling?

It's an understatement to say that the collection of personal information forms the very foundation of a business' or organization's success and effectiveness. But what many fail to realize is the importance of safeguarding such personal information.

Looking for a check list to put your business through the privacy paces? Or developing a privacy policy to guide your organization?

The following resources will provide direction and assistance.

PRC's Fact Sheet 12: A Checklist of Responsible Information-Handling Practices
PRC's Fact Sheet 28: Online Privacy for Nonprofits
CA Office of Privacy Protection: A California Business' Privacy HandbooK

JANUARY 2005:

Mail theft is a common way that identity thieves get your credit card or bank account information and possibly your Social Security number. What can you do to minimize your risk?

A recent survey on identity theft conducted by the Better Business Bureau notes most thieves obtain personal information through traditional rather than electronic channels. In cases where the method was known, 68.2% of information was obtained off-line versus only 11.6% obtained online -- mail theft being one of the off-line ways of stealing personal information.

If you have online access, cancel your paper bills and statements wherever possible and instead check your statements and pay bills online. Monitor your account balances and activity electronically (at least once per week).

For those living in California, if your data is ever hacked or someone gets unauthorized access, you will receive a security breach notification. You will not receive a similar notice to proactively safeguard your accounts or personal informtion if your mail is stolen.

DECEMBER 2004:

Want to make sure you don't get deluged with unwanted catalogs now that the holidays are over? Opt out with Abacus.

You may have made holiday purchases through mail order catalogs. When you buy something from a mail order catalog, your transaction is likely to be reported to Abacus which compiles a cooperative data base of catalog and publishing companies' customers.

Your name is then sold to other mail order companies who contact you with their catalogs and offers. This explains why you are likely to receive several unsolicited catalogs after ordering from a mail order company.

Thankfully, opting out of Abacus' database is easy. Simply write to Abacus, P.O. Box 1478, Broomfield, CO 80038 or email them at optout@abacus-online.com. Include your full name and current address (and previous address if you have recently moved).

Want to know what's in your Medical Information Bureau (MIB) report? Here's how you can get a free copy.

An MIB report includes information that you have reported on an insurance application or that the insurance company has obtained from your healthcare provider indicating a medical condition that insurance companies consider significant. In all, MIB assigns from among 230 codes that indicate medical conditions such as asthma, diabetes, high blood pressure, depression, and so on. The MIB estimates that about 20% of individuals have an MIB report.

How can you find out if you have a report and what's on it? A new federal law gives you the right to a free copy. MIB's toll-free number for disclosure is (866) 692-6901 (TTY for hearing impaired (866) 346-3642). You For more on free reports from MIB, see the company's web site.

Read our Fact Sheet on these free reports, www.privacyrights.org/fs/fs6b-SpecReports.htm.

HOME TOP

Copyright © 2004-2007. Privacy Rights Clearinghouse/UCAN. This copyrighted document may be copied and distributed for nonprofit, educational purposes only. For distribution, see our copyright and reprint guidelines. The text of this document may not be altered without express authorization of the Privacy Rights Clearinghouse. This document should be used as an information source and not as legal advice. PRC documents contain information about federal laws as well as some California-specific information. Laws in other states may vary. Overall, our information is applicable to consumers nationwide.