CUNA Comment Letter

ID Workshop

March 23, 2007

Federal Trade Commission/Office of the Secretary
Room H-135 (Annex N)
600 Pennsylvania Avenue, N.W.
Washington, D.C. 20580.

RE:    ID Workshop – Comment, PO75402

Dear Sir or Madam:

The Credit Union National Association (CUNA) appreciates the opportunity to respond to the request from the Federal Trade Commission (FTC) for comments in response to the FTC’s upcoming workshop that will address authentication issues. CUNA represents approximately 90 percent of our nation’s 8,700 state and federal credit unions, which serve nearly 87 million members.

Summary of CUNA’s Comments

Discussion

The goal of a regulatory approach with regard to authentication should be to ensure that it strikes a balanced approach. We believe that all parties that handle consumer identifying information should share the responsibility of protecting this information. This would include those who use, store, or transmit this type of information. In addition, this approach should ensure that neither consumers nor industry is disproportionately burdened and should include measures to protect consumers’ identities that facilitate, rather than impede, commercial activity.

The use of SSNs as unique identifiers has long facilitated information exchanges involving government agencies, including law enforcement, and has also proved beneficial to the private sector, which has adopted the use of SSNs for commercial transactions. However, we recognize that the use of SSNs has at least partially contributed to the rapid growth of fraud, especially identity theft. However, prohibiting the use of SSNs in the private sector may not resolve these problems. Prohibiting such use will only require the use of another method or number for identifying individuals. Any unique method or number system would render consumers vulnerable to fraud that would result from security breaches, whether it is based on SSNs or another numbering system.

CUNA supports the continued development of new and emerging authentication technologies, while recognizing that these technologies will need to change and become more sophisticated over time in order to match the ability of criminals to breach these systems. These new technologies should be incorporated in any regulatory approach that addresses these problems.

CUNA also supports consumer education and public awareness campaigns that protect consumers against fraud, including identity theft. For example, CUNA has been very proactive in providing educational materials on identity theft for our members, as well as communicating our members’ concern to both the FTC and the National Credit Union Administration (NCUA). These efforts include providing information on our website and through other means, such as information that credit unions may share with their members who have experienced or are concerned about identity theft. CUNA has also met with the FTC to discuss means in which CUNA can promote the “Deter, Detect, and Defend” campaign that the FTC recently initiated. CUNA has also submitted comment letters to the FTC and NCUA in response to a number of regulatory proposals that have been issued in recent years on these and other related issues.

Thank you for the opportunity to comment on these authentication issues. If you or your staff have questions about our comments, please give Senior Vice President and Deputy General Counsel Mary Dunn or me a call at (202) 638-5777.

Sincerely,

Jeffrey Bloch
Senior Assistant General Counsel