Westlaw to restrict access to personal data

updated 9:37 p.m. ET March 17, 2005

WASHINGTON - A legal research company said Thursday it will greatly restrict customer access to Social Security numbers in response to complaints from Congress that its previous policy of limited sales of the numbers invited identity theft.

Westlaw, a Minnesota-based legal research firm, said private companies and many government offices no longer will be able to obtain such information from the company.

"The events of the past months illustrate the importance of tougher controls, and we're pleased to be a part of a broader and ongoing effort that supports both individual privacy and homeland security concerns," said Peter Warwick, CEO of Thomson West, which operates the online Westlaw service.

The company's practices came under fire from lawmakers after another data company, ChoicePoint, announced some 145,000 customers had been exposed to identity theft.

Westlaw, which is owned by The Thomson Corp., has not suffered a similar breach, but Sen. Charles Schumer, D-N.Y., called on the company to tighten restrictions on the information available to customers in the wake of the ChoicePoint problem.

Under the new policy, about 85 percent of Westlaw customers who previously had access to the Social Security number search will no longer have such access.

All private companies, and many government offices, including the U.S. Senate, will no longer have access to Social Security numbers through Westlaw. Access will remain for some law enforcement agencies.

BOB SULLIVAN ON CHOICEPOINT THEFT Database giant gives access to fake firms Read the Feb. 14 story that started it all Data theft affects 145,000 nationwide Suspect agrees to plea deal ChoicePoint files found riddled with errors No easy way to fix mistakes, either ChoicePoint CEO grilled by Congress Data broker backs some new regulations

Congress has stepped up pressure on data companies that collect huge amounts of private information.

On Tuesday, ChoicePoint Inc. CEO Derek Smith appeared before a House Energy and Commerce Committee panel to publicly apologize to customers whose information may have been obtained surreptitiously.

Appearing beside him was LexisNexis CEO Kurt Sanford, whose company also had a breach involving information on about 32,000 people. LexisNexis is owned by Reed Elsevier PLC.

The two executives said they would support some proposals to toughen laws governing consumer privacy.

They did not support a more sweeping prohibition on the sale of Social Security numbers, arguing such sales may be necessary for law enforcement or debt collection.

MORE FROM SECURITY

Security Section Front

Facebook hit by ‘Control Your Info’ intruder Twitter phishing ploy goes for ‘Direct Messages’ Red Tape: Your chance to spy on Google Hacking ring caught in $9 million fraud Tagged.com settles with states in invite fight Framed for child porn — by a PC virus Beijing puts foot down on ‘Oba Mao’ T-shirts Spain: Internet-related child porn on the rise Google providing better view of personal data EU agrees on new Internet user rights Security Section Front   Add Security headlines to your news reader: