Shostack + Friends Blog Archive

 

More on Choicepoint

Enter ChoicePoint’s two-building campus in Alpharetta, and you get the feeling you are being watched.

starts a new story at the Atlanta Journal-Constitution. (Use Bugmenot to login.) It’s sort of ironic. Choicepoint is focused on identifying people, rather than identifying behavior that leads to trouble. They figure once you have an account, they want you to use it. The TSA is making this same mistake. They’re all over trying to identify the bad people with CAPPS, CAPPS-II, and Free Wheelchairs for Paraplegic Children. The issue isn’t who you are, it’s what you’re doing.

In a move that a lot of people might laugh at, Rich Baich, Chief Information Security Officer of ChoicePoint will be speaking at a web seminar [link to https://www.cmpnetseminars.com/BTG/default.asp?Q=206 no longer works] on risk management. (From Mike T, posting to IP.) This is actually a good thing. Mr. Baich and his company have been managing their risks very well. The 140,000 victims? Well, they were an externality. From the company’s tactical viewpoint, it makes sense to maximize revenue by selling as much product as possible. No instance of ID theft, job-lockout, or false arrest was likely to come back to haunt Choicepoint. Then 1386 happened, and now the stock has fallen 5½%. Was this predictable by a reasonable person? I’m sure the courts will decide.

One comment on "More on Choicepoint"

  • Checkpoint – 700 identities attacked

    As predicted, http://www.identitytheft911.com/education/articles/art20050218choicepoint.htm“>the states ganged up on Choicepoint and forced them to agree to notify all the victims of the identity thefts. Of the 145k or so identified sets of identity, 7…

Comments are closed.