The FTC today released their annual summary of all consumer complaints they receive and yet again identity theft leads the pack. Over the past year, the FTC received 290,056 complaints regarding identity theft, about 85,000 more than the next highest category. I would point out how many years in a row this is that identity theft has taken the top spot, but I’ve lost count. Suffice to say that nobody over at the FTC or amongst those of us who follow privacy and security issues are shocked.
This new info also matches precisely what CCIA learned when we released a poll on the subject late last year. Our poll asked people to make decisions about what is more important to them, and Americans are far and away more concerned about the safety of their data online than they are about any other risks on the Internet, including targeted advertising. Most people have themselves been hacked or know someone who has, and they are all too aware of the very real costs that can be the result.
What can we do to improve the situation of users across the Internet? Well, identity theft is obviously already a priority for the FTC, but we think they can and should be doing more. On issues of privacy, interesting and thought provoking workshops are a regular occurrence. On identity theft, however, it’s hard to identify any workshops that they have had in recent years that would have informed the agency of emerging data security threats. The FTC should regularly convene experts about the risks facing companies. The FTC could also make a great impact by putting forth guidelines and educational materials on how companies can best protect their users, particularly for smaller startups that may have a large number of users but don’t yet have security focused engineers on staff. However they decide to tackle the problem, the fact that nobody is surprised by this year’s complaint report means it absolutely must be tackled.