When it comes to defining data for identity theft bills, the Direct Marketing Association says lawmakers on Capital Hill aren’t on the same page. Which is why John Greco, president/CEO of the DMA, says his group needs to help lawmakers understand what is and what isn’t data that would cause a security breech.
During the DMA’s List & Database Council luncheon in New York on May 25, Greco said that personal, identity-specific data such as social security and credit card numbers is often confused with “marketing data” based on shopping habits and purchase history. It’s up to the DMA, Greco said, to make lawmakers aware of the difference.
Security data is a hot issue right now, Greco said, stressing that that protecting data security is everyone’s responsibility. Financial information, medical records, and human resources files are more valuable to identity thieves than marketing data is, he added.
And identity thefy legislation is heating up, Greco said. “Data security breaches led California to enact the first sensitive information law a few years back. Now close to 30 other states have followed suit, and nearly all the rest are considering action in one way or another. Meanwhile, data security breaches and related problems continue to make headlines.”
In fact, he said, on Capitol Hill earlier this year, there were 30 different identity-theft bills being discussed, and six different committees in the Senate and House are working on data security. “Those committees do not appear likely to resolve their many differences before the end of this Congressional session.”
DMA advocacy is based on making a strong distinction between personal, identity data, and the marketing data, based on shopping history and habits, he said, as the two get mixed up frequently.
“For direct marketers, it’s vital that we stop that from happening. It’s critical to build awareness that marketing data can’t be used to steal identity. So as we hammer that message home on Capitol Hill, direct marketers must be even more responsible than ever in handling their marketing data. We can’t afford to become a ‘poster child’ for data security.”