Privacy specialists said many people who had no idea that a company like ChoicePoint existed will likely be startled by the amount of information it maintains and regularly updates.
"People will be shocked to find out how much information is shared with so many organizations," said Evan Hendricks, publisher of Privacy Times and author of Credit Scores & Credit Reports.
Transcript: Reporter and author Robert O'Harrow Jr. answered your privacy questions.
They're Watching You . . . Today, we are constantly tagged, monitored, studied, sorted and tracked by a vast array of institutions and organizations -- private and public. As Robert O'Harrow Jr. details in No Place to Hide, it is worse than we could ever have imagined.
"This is not some theoretical debate about privacy principles. This is fraud affecting lots of people," said Peter Swire, a business law professor at the Moritz College of Law at Ohio State University and a privacy counselor in the Clinton administration. "When there's real harm of this magnitude, everyone takes notice."
ChoicePoint's efforts came just days after company officials acknowledged that the firm last year had delivered thousands of electronic reports containing names, addresses, Social Security numbers and, in some cases, credit histories to people in the Los Angeles area posing as legitimate debt collection, insurance and other small-business officials.
At least 700 victims had their mailing addresses changed, apparently by people connected to the scheme who wanted to gain control of credit card offers, bank records and other sensitive mail. One man lost about $12,000 after his bank account was drained, an investigator said.
Investigators in the Los Angeles Sheriff's Department initially thought they were probing a routine identity-fraud scam after ChoicePoint officials called last fall to ask for help. The company said that a man with an accent appeared to be posing as a business executive seeking access to the firm's enormous data files.
In late October, while working with sheriff's department investigators, the company lured the man to a copy store from where he had faxed an application for information services. Police arrested the man, Olatunji Oluwatosin, a Nigerian national.
Oluwatosin, 41, pled no contest to identity theft in a California court last week and was sentenced to 16 months in state prison. Authorities believe that other people were involved in the fraud.
At the time of his arrest, Oluwatosin was carrying five cell phones, only one of which was registered in his name. The others were issued on accounts opened in the names of identity-theft victims. When investigators received permission to search the man's North Hollywood, Calif., apartment, they found other ChoicePoint service applications and more than a dozen commercial mailbox addresses.
When investigators asked to see the unopened mail at some of those locations, they were stunned by what they found. At one location, a clerk brought out two large bags containing credit card applications, financial statements and other mail that had been redirected from homes around the nation.
"I realized that this was just absolutely huge and out of control," said Duane Decker, a detective at the Los Angeles Sheriff's Department. "You look at that and you say, 'There's no way this can happen.' But it did."
ChoicePoint officials said they had checked the credentials of the people apparently associated with the fraud ring. But those people had obtained legitimate business documents from the state, under assumed names, company spokesman James Lee said.
In a statement, the company said the "criminals were able to pass our customer authentication due diligence process by using stolen identities to create and produce documents needed to appear legitimate."
Noting the challenges of safeguarding the billions of records under his control, ChoicePoint chief executive Smith said he was willing to embrace new rules to ensure the information collected by his company and others in the industry were appropriately used and protected.
Company officials spoke with several staff members of U.S. senators to convey that idea last week. Sen. Bill Nelson (D-Fla.) asked the Federal Trade Commission last week to consider regulating ChoicePoint-style reports as rigorously as credit reports.
"As a company and as an industry, and as a society as well, we have to relook at how we use information," Smith said.
"The importance of information to reduce . . . risk has increased dramatically," he said. "The risks associated with its misuse have also increased dramatically."