Hi, I’m Justice Breyer and I Want a Lexus: Jurist Part of Security Breach of Personal Data

Justice Stephen G. Breyer was among the clients of Wagner Resource Group that had his personal data made public — after an employee used the firm’s computer to swap music on the file-sharing network LimeWire. It included his name, date of birth, and social security number. As someone who had a former CBS employee steal his identity to buy two Lexus cars, I can sympathize.

The most interesting aspect of this story would be a possible recusal from future cases involving such breaches. The firm is clearly negligent in not having sufficient protections on this information. Moreover, they are responsible for the actions of the employee. While the firm can argue that this was a “frolic or detour” (and not in the scope of his employment), there seems ample grounds for either direct negligence or an colorable claim of respondeat superior.

In my own case, my identity was stolen by a security employee at CBS when I was under contract with the network, click here.

Until that time, I did not know that I could just walk into a dealership and buy two luxury sedans. It always takes me forever to do the paperwork. Yet, in the Bronx (a haven for identity theft) it is a simple affair. What was most shocking is the total lack of communication or serious interest from the Bronx District Attorney’s office.

Time will tell if any additional injury (beyond the public disclosure) leads to litigation against this firm.

For the full story, click here.

6 thoughts on “Hi, I’m Justice Breyer and I Want a Lexus: Jurist Part of Security Breach of Personal Data”

  1. “The US Senate will some time today facilitate this administration in the identity theft of 300 million Americans.”

    Must … not … comment … (Sound of head exploding.)

  2. whooliebacon,

    That is scary.

    Seth,

    Elizabeth Warren of Harvard writes extensively on how credit reporting agencies put all the onus of fixing/finding errors (many of which they made) on our credit reports. As you said, in this they are aided by our trusty friends in the House and Senate.

    The credit agencies make a lot of money off “our” data. I hope there will someday be a law making our data ours!

  3. Whooliebacon,
    You hit the nail on the head. Prof. Turley, did you at least get to drive one of the cars??

  4. The US Senate will some time today facilitate this administration in the identity theft of 300 million Americans.

  5. It’s a jurisdictional issue. It’s a high-value crime, but the victim isn’t local, the criminal isn’t local unless he’s dumb, and the local party is the ‘innocent’ dealership which didn’t really suffer a loss. In reality they may have turned a blind eye to shady acts, but how do you prove it?

    The lender is out the difference in the value of a new car and the recovered car, but again they’re in a different jurisdiction and have a vested interest in hiding just how easy it is to exploit them. Toss in the cost of pushing the local DA to act vs. the actual loss, and it’s cheaper for them to drop the matter and just pass higher costs (to cover the loss) to everyone.

    The only real solution is to put the costs of identity theft on the businesses with poor practices, not the individual who was probably hit through no act (or failure to act) of his own. But, gosh, who is spending millions and millions of dollars on lobbyists? Who has in-house lawyers, vs. the family hit with hours and hours of paperwork and follow-up phone calls?

    Even obvious solutions (which should be done regardless), like letting customers set a flag on their credit reports saying that credit extenders -must- get affirmative confirmation on any amount over $X dollars or the contract will be unenforceable, runs into various practical problems. It’s easy to see what this means when somebody wants to get a $2000 credit card at Best Buy to buy a new plasma tv (a lost sale for BB, which is why they resist it 🙂 ), but what about the guy in the car dealership who says his car was just totalled and he needs to replace it? Or the one in Home Depot who says his refrigerator just died and he needs something to keep his insulin cold? How do you distinguish them from fraudsters? If a faxed signature form is enough, how do you know it isn’t an ID thief anyway? Do you make him go home and wait for postal mail? If so, how are you sure his home address isn’t bogus?

    It’s a serious problem — hundreds of millions or billions of dollars every year — but no obvious answers.

Comments are closed.