During the COVID-19 pandemic, we saw rampant fraud in unemployment insurance claims, especially in California, which saw an estimated $20 billion stolen. The U.S. Government Accountability Office estimates the total amount was between $100 billion and $135 billion and that failure to verify claimants’ identities was a major factor.
In response, the U.S. Department of Labor recommended that states adopt the National Institute of Standards and Technology’s (NIST) identity verification standards to optimize fraud prevention and verify the identity of individuals.
Alarmingly, a poorly crafted bill that ignores this federal fraud prevention guidance – Senate Bill 362 – has landed on Governor Gavin Newsom’s desk.
The “Delete Act” would allow Californians or paid third parties to delete all personal information used by companies defined as “data brokers” with a single click. The Consumer Data Industry Association, California Retailers Association, and NFIB California have outlined many potential unintended consequences for Californians’ everyday lives and the state’s economy.
Unfortunately for consumers, SB 362’s proponents rejected adopting NIST identity verification standards as too costly. While the bill has many flaws, this weakness could wind up sticking consumers with an unwanted tab through increased fraud and identity theft.
Another concern is that SB 362 weakens current fraud protections that data brokers use to verify customers’ identities when they transact with various kinds of businesses.
For example, if deleted, data like your high school’s name or an old mailing address would no longer be available to confirm your identity. Not only could this block access to your bank account, but scammers could more easily access other people’s accounts by fabricating fake identities.
Former Director of the FTC’s Bureau of Consumer Protection and George Washington University Business School professor J. Howard Beales has pinpointed why this matters to consumers. “Fraud detection tools employ…prior transactions, and other sources of identity information, including many public records, to flag suspicious transactions. Data brokers are a critical source of both the underlying data and the predictive analytics these tools employ. […] Opting for data deletion from such products may increase the risk of fraud for a consumer who does so.”
The current version of SB 362 ignores federal fraud prevention guidance and undermines current fraud protections for consumers. Governor Newsom should veto the bill to allow the Legislature more time to get this critical issue right. Protecting Californians from fraud depends on it.
Dan Smith is president & CEO of the Consumer Data Industry Association (CDIA), a trade association representing the U.S. consumer reporting industry. At CDIA, Dan is responsible for the leadership, direction, and overall management of the organization. MORE…