What Best ID Theft Protection Companies Should Be Doing, Says Report

The Consumer Federation of America today announced a series of recommendations for best practices by identity theft protection services.

Identity theft has quickly became one of the most cited consumer complaints, and widespread fear among consumers has fueled a booming identity theft protection business. But some of these companies failed to deliver the protection they promised.

The CFA first examined for-profit identity theft services in a 2009 study and identified several problems, including misleading claims, unclear information and exaggerated guarantees. Today's report, Best Practices for Identity Theft Services, were developed by a working group including consumer advocates and companies selling identity theft protection."Our aim is to curb misleading claims in the identity theft service marketplace and promote responsible industry practices," Susan Grant, CFA's Director of Consumer Protection, said in a statement.

What follows are highlights form the report's recommended best practices for identity theft service providers:
  • Misrepresentations about protecting against identity theft -- Identity theft service providers shouldn't promise consumers they can provide complete protection against all forms of identity theft, detect every instances of identity theft, or stop all attempts to commit identity theft -- claims no service can realistically make.
  • Testimonials and use of statistics -- Identity theft service providers should be wary about using testimonials and statistics to ensure that they aren't misleading.
  • Disclosures -- Companies should fully disclose all costs, cancellation and refund policies.
  • Program features -- Companies should clearly explain how all features of their programs work and how they help consumers.
  • Protecting individuals' information -- Companies should publish clear and transparent privacy policies, use appropriate safeguards for consumers' personal data, and be careful about sharing it with third parties.
  • Fraud assistance -- Companies that offer assistance to victims should explain what they do to help them and any limitations or exclusions that may apply.
Grant said it will take time for identity theft service providers to adopt the best practices, and the CFA will check on the progress in six months. CFA also plans to promote the best practices to other identity theft service providers.

"With the help of our best practices working group, we'll continue to push for honesty, transparency, and responsibility in the identity theft service industry," said Grant.

Members of CFA's working group included identity theft expert Mari Frank and representatives from: the California Office of Privacy Protection, Call For Action, Consumer Action, Debix, Experian (ProtectMyID), ID Analytics, ID Experts (Zander ID Services Plan), Identity Theft 911, ID Watchdog, the Identity Theft Assistance Center, Intersections Inc., Kroll, Privacy Rights Clearinghouse, and Worldwide Benefits Services (ID Theft Assist).
Read Full Story