The Public Eye

The Public Eye

    0 comments | Print

    The Public Eye: California battles identity theft, cybercrime from AG's office

    By Claudia Buck
    cbuck@sacbee.com
    Published: Sunday, Aug. 19, 2012 - 12:00 am | Page 1B
    Last Modified: Monday, Sep. 10, 2012 - 12:22 am

    Eleven years ago, Joanne McNabb started the nation's first-ever state Office of Privacy Protection, under then-Gov. Gray Davis.

    Recently, her job was moved to the state attorney general's office, which has launched an eCrime unit focused on nabbing and prosecuting cyber-criminals.

    McNabb discussed with The Bee her new role and California's ongoing battle against identity theft and cybercrime.

    >The Federal Trade Commission reports California has the most ID theft complaints of any state and third highest per capita. Why is California ranked so high for identity theft and online crime?

    I don't think we can draw many conclusions from the FTC data on ID theft complaints because it is a limited sample of ID theft victims. California's ranking as third in complaints per 100,000 population is based on just 38,607 complaints.

    It doesn't necessarily mean we have a higher percentage of victims. … We might be more vocal. In the last decade, so many privacy issues have arisen in this state and a lot of new technologies have come out of California, so Californians may be more aware of the issues.

    Do you feel firms like Google, Apple and Facebook are doing enough to protect the privacy of their users?

    The AG's office is … bringing those companies together and encouraging them to do better and better. (Under an agreement announced by Attorney General Kamala Harris in February, the nation's top mobile and social networking companies agreed to improve privacy protections for consumers who access the Internet through applications, or apps, on their smartphones and other devices.)

    We're working with a broadly representative group of 20 people in the "mobile ecosystem" that includes Google, Facebook, as well as telecom carriers, mobile advertising networks, academics. We're doing a "best practices" project on how to improve consumer privacy notices on mobile phone apps.

    How would it work?

    Privacy notices are required by state law for most online applications. What we're trying to avoid is having people be surprised and unhappy about inappropriate information flows. For example, if you download a flashlight app, you don't expect it to pull your address book from your phone. With a privacy notice, that would be disclosed to you in the app store or on your device before you use it. You're given the opportunity to say 'No,' before it happens.

    Consumers have a right to know what is going on with their information.

    Aside from mobile phones, where else are you focused on privacy protection?

    Medical ID theft, which can lead to inappropriate diagnoses, being denied jobs because of (inaccurate) medical information, getting billed for medical care that's not yours.

    We're working on best practices among various players in the health care industry. As health records become electronic, it's about looking for anomaly detection. … Just like your credit card company notifies you if it sees a purchase in Paris on your account. Imagine if your doctor's office suddenly sent an alert or flagged suspicious information that appeared in your records.

    When it comes to identity theft, where are consumers especially vulnerable?

    Passwords. We've seen a number of data breaches involving email addresses and passwords. Someone armed with your email address can take over your account and do all sorts of things, including committing crime (disguised) as you. Passwords can be astonishingly easy to guess: Your dog's name, your kid's name, things gleaned from social networking sites.

    How should consumers protect themselves?

    We should all be using a variety of strong passwords: At least 8 characters; a combination of uppercase, lower case and numbers; not a searchable dictionary word; not your anniversary, birthday or your dog's name.

    It's a pain to not be able to use the same password everywhere, but if one password gets compromised, you're exposed with every account you have. … It's amazing how many people don't have passwords on their mobile phones. A password makes it less useful to the casual thief.

    Are you discouraged by how prevalent and insidious cybercrime continues to be?

    No, not discouraged, but certainly concerned. Like crime in general, cybersecurity is something we have to work on continually; to keep making ourselves smarter about what we do online. Schools are starting to teach online safety and that's where it has to start. Our kids will be better at it than we are.

    © Copyright The Sacramento Bee. All rights reserved.

    Read more articles by Claudia Buck



    About Comments

    Reader comments on Sacbee.com are the opinions of the writer, not The Sacramento Bee. If you see an objectionable comment, click the "Report Abuse" link below it. We will delete comments containing inappropriate links, obscenities, hate speech, and personal attacks. Flagrant or repeat violators will be banned. See more about comments here.

    What You Should Know About Comments on Sacbee.com

    Sacbee.com is happy to provide a forum for reader interaction, discussion, feedback and reaction to our stories. However, we reserve the right to delete inappropriate comments or ban users who can't play nice. (See our full terms of service here.)

    Here are some rules of the road:

    • Keep your comments civil. Don't insult one another or the subjects of our articles. If you think a comment violates our guidelines click the "Report Abuse" link to notify the moderators. Responding to the comment will only encourage bad behavior.

    • Don't use profanities, vulgarities or hate speech. This is a general interest news site. Sometimes, there are children present. Don't say anything in a way you wouldn't want your own child to hear.

    • Do not attack other users; focus your comments on issues, not individuals.

    • Stay on topic. Only post comments relevant to the article at hand.

    • Do not copy and paste outside material into the comment box.

    • Don't repeat the same comment over and over. We heard you the first time.

    • Do not use the commenting system for advertising. That's spam and it isn't allowed.

    • Don't use all capital letters. That's akin to yelling and not appreciated by the audience.

    • Don't flag other users' comments just because you don't agree with their point of view. Please only flag comments that violate these guidelines.

    You should also know that The Sacramento Bee does not screen comments before they are posted. You are more likely to see inappropriate comments before our staff does, so we ask that you click the "Report Abuse" link to submit those comments for moderator review. You also may notify us via email at feedback@sacbee.com. Note the headline on which the comment is made and tell us the profile name of the user who made the comment. Remember, comment moderation is subjective. You may find some material objectionable that we won't and vice versa.

    If you submit a comment, the user name of your account will appear along with it. Users cannot remove their own comments once they have submitted them.

    hide comments
    Sacramento Bee Job listing powered by Careerbuilder.com
    Quick Job Search
    Advanced Job Search | Search by Category
    Sacramento Bee Jobs »
    Buy
    Used Cars
    Dealer and private-party ads
    Make:

    Model:

    Price Range:
    to
    Search within:
    miles of ZIP

    Search used

    Advanced Search | 1982 & Older



    Find 'n' Save Daily DealGet the Deal!

    Local Deals

    Find more great deals!
    findnsave.sacbee.com