Home Tell a Friend! Contact ICFE Link Exchange Search ICFE Subscribe ICFE About the ICFE
ICFE News Releases ICFE in the News Children and Money Financial Education Personal Financial Counseling with Paul S. Richard, RFC Credit Card Tips Credit File Correction Mending Spending Links and Resources Order Options

ICFE eNEWS #17-15 - April 18th 2017

United States Government Accountability Office (GAO) Report: "Identity Theft Services Offer Some Benefits but Are Limited in Preventing Fraud"

By Yan Ross, Director of Special Projects, ICFE

According to a recently-released 70-page report in response to Congressional requests, the GAO reached these summary findings:

Identity theft services offer some benefits but have limitations.

• Credit monitoring helps detect new-account fraud (that is, the opening of new unauthorized accounts) by alerting users, but it does not prevent such fraud or address existing-account fraud, such as misuse of a stolen credit card number.

• Consumers have alternatives to credit monitoring, including requesting a low-cost credit freeze, which can prevent new-account fraud by restricting access to the consumers' credit report

• Identity monitoring can alert consumers to misuse of certain personal information by monitoring sources such as public records or illicit websites, but its effectiveness in mitigating identity theft is unclear

• Identity restoration seeks to remediate the effects of identity theft, but the level of service varies: some providers offer hands-on assistance, such as interacting with creditors on the consumer's behalf, while others largely provide self-help information, which is of more limited benefit

• Identity theft insurance covers certain expenses related to the process of remediating identity theft but generally excludes direct financial losses, and the number and dollar amount of claims has been low

These services also typically do not address some types of threats, such as medical identity or tax refund fraud.

The impetus behind this research and report is apparently the continued proliferation of data breaches among federal agencies and the "standard" response of providing identity theft services for the affected consumers, as well as the implications for consumers in subscribing to services such as credit report monitoring, restoration services, and related means of managing the risk of identity theft.

This description of the thrust of the GAO report sheds additional light on its purpose:

"This report examines (1) the marketplace for identity theft services; (2) the potential benefits and limitations of identity theft services available to consumers; (3) marketing, billing, and security issues associated with these services; and (4) factors that affect government and private-sector decision making about offering identity theft services."

The Office of Personnel Management (OMB) breach in 2015, and the steps taken to mitigate potential damage to the affected individuals, provide the foundation for the GAO study. In this regard, the report mentions "In response to data breaches in 2015, OPM awarded two contracts obligating about $ 240 million for identity theft services."

From this perspective, the GAO proceeds to list and evaluate many of the points of coverage and pricing for the various providers of post-data breach services. Further, the GAO reports that in the case of affected federal agencies, there is no common standard for the evaluation of the risk of loss or the cost-effectiveness of monitoring and recovery services, as well as insurance against actual losses arising out of the particular data breach.

An important aspect of this report is the information regarding the 26 providers of identity theft services whose web sites were reviewed by GAO officials. Further direct contact with representatives of eight of the service providers confirmed that the level of hands-on service, as opposed to simply consulting with affected consumers to engage in "do-it-yourself" recovery efforts, vary widely.

In the section on "Types of Threats Not Addressed by Existing Identity Theft Services," the most prominent, and potentially disruptive, are medical identity theft and tax refund fraud.

Recognizing that the origin of this research and report is from the federal agency perspective, the ultimate GAO recommendations are centered on both statutory and regulatory initiatives:

"Congress should consider permitting agencies to determine the appropriate coverage level for identity theft insurance they offer after data breaches. OMB should analyze the effectiveness of identity theft services relative to alternatives, and should explore options to address duplication in federal agencies' provision of these services. OPM should address in its breach-response policy when to offer these services and should document its decision-making process. OPM agreed with GAO's recommendations to the agency."

While the focus of the GAO report is on prospective responses by federal agencies that may experience data breaches, there is much to be learned by private sector holders of protected personally identifiable information (PII).

It is worthy of note that some 45 States have data breach notification laws, and many also have adopted standards for remediation of potential damage to the affected individuals, there has so far been no action taken to adopt a federal standard that would supersede these widely divergent State requirements.

For professionals engaging in identity theft risk management activities, as well as holders of protected data, this report provides an excellent survey of the playing field among the providers of post-breach identity theft services. The value of this information goes far beyond applications to government entities, and may even serve as a platform for the adoption of an integrated set of standards in the future.

Primary - http://www.gao.gov/assets/690/683842.pdf
Secondary - https://www.ibisworld.com/industry/identity-theft-protection-services. html
(Subscription Required for this "Market Research Report on Identity Theft Protection Services")
Javelin Strategy & Research, Identity Protection Direct-to-Consumer Services Reach $1.4B in a Year Ridden with Data Breaches (April 2015), accessed September 21, 2016

Yan Ross Bio PhotoYan Ross is ICFE's Director of Special Projects, and the author of the Certified Identity Theft Risk Management Specialist ® XV CITRMS® course. As an accredited educator for over 20 years, he has addressed Identity Theft Risk Assessment and management for consumers, organizations holding personally identifiable information, and professionals who work with individuals and organizations who are at risk of falling victim to identity thieves.

The ICFE's Certified Identity Theft Risk Management Specialist ® XV CITRMS® course is now available both in printed format and online.

The Textbook and Desk Reference edition of the course book is also available online. Bulk pricing and discounts for veterans and students available. Inquire at yan.ross@icfe.info

Paul S Richard PhotoICFE eNEWS is available FREE upon request by visiting our Web site and filling out the contact form, and selecting "Yes" for "Add to Mailing List. Please pass this eNEWS on to your peers and interested others and invite them to subscribe for free. Also, visit the ICFE's new Web site: StudentDebtHelp.org

Sent by:

Paul S. Richard
President - Executive Director
Institute of Consumer Financial Education (ICFE)

About the ICFE:

The Institute of Consumer Financial Education (ICFE) was founded in 1982 by the late Loren Dunton (creator of the Certified Financial Planner (CFP) designation).  The ICFE is dedicated to helping consumers of all ages to improve their spending, increase savings and use credit more wisely. 
The ICFE is an award winning, nonprofit, consumer education organization that has helped millions of people through its education programs and Resources. It publishes the Do-It-Yourself Credit File correction Guide, which is updated annually. The ICFE has distributed over one million Credit/Debit Card Warning Labels and Credit/Debit Card Sleeves world wide.

The ICFE became an official partner with the Department of Defense/Financial Readiness Campaign in June of 2004.The ICFE was an active partner in the California Student Debt Resource Awareness Project (CASDRAP) which resulted in a new web site: (studentdebthelp.org).  CASDRAP disbanded in 2010, shortly after the web site project was completed.  In 2011 the ICFE assumed the single sponsorship of the (studentdebthelp.org) web site and is now responsible for its content and operation.

The ICFE is also an on-line help for consumers who spend too much.  ICFE's spending help was featured in PARADE Magazine in the Intelligence Report section. The money helps and tips are from the ICFE's Money Instruction Book, our course in personal finance.

Visit the ICFE's other web sites at: www.financial-education-icfe.org and studentdebthelp.org.  Both sites helps consumers and students with mending spending, learning about the proper use of credit, budget and expense guidelines, how to set up and implement a spending-plan and also how to access financial education courses and how to teach children about money. Other ICFE services include: Ask Mr. G,  a free eNews, and an online resource center for students, parents and educators, plus financial education learning tools and a book store.

Home ] ICFE News Releases ] ICFE in the News ] Children and Money ] Financial Education ] Resource Center ] Credit Card Tips ][ Credit File Correction ] Mending Spending ] Links and Resources ]  [ Online Store ]


Copyright ©  1997 - by Paul S. Richard
and the Institute of Consumer Financial Education, All Rights Reserved.
View our
Privacy Policy Our Terms and Conditions

Institute of Consumer Financial Education
PO Box 34070
San Diego, Ca 92163
Paul S. Richard, Executive Director
Phone 619-239-1401

FAX 619-923-3284

Questions for www.financial-education-icfe.org Click to go to Website Contact Us or 
Website Design Donated by Desgn School Programs

Please Tell An Associate, Friend or Family Member About the ICFE