Privacy group: Identity-theft monitoring service a waste

Consumers who sign up for identity-theft monitoring services may be getting a lot less protection against some common types of fraud than they assume they are, according to an online guide released Monday by the Privacy Rights Clearinghouse (PRC).

What's more, many of the services offered by identity-theft monitoring vendors can often be obtained for free, the San Diego-based privacy advocacy group claimed.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]

The PRC's guide doesn't mention any vendors by name and notes that the available monitoring services "vary tremendously" in what they offer. Even so, many of them are overpriced and don't provide anything close to full protection against identity theft or credit fraud, said Paul Stephens, the PRC's director of policy and advocacy and the author of the guide, which offers tips on selecting monitoring services.

"There is no correlation between the price you pay and the services you get," Stephens said. People who think they need monitoring services should first make sure that there are no free or lower-cost alternatives that they can take advantage of, he added.

Monitoring services are most useful, Stephens said, in helping individuals detect new-account fraud resulting from someone using their name, Social Security number, and other personal information to open credit-card, mobile phone or other accounts. Often, such fraud is hard to spot until after the fact, according to Stephens. He said that credit monitoring services can quickly alert victims, although the protections can be inadequate if vendors don't monitor credit reports at all three of the major credit-reporting bureaus.

In general, monitoring services fail to protect against a variety of other kinds of fraud, Stephens said. For example, they seldom catch the misuse of existing accounts, such as making fraudulent purchases with an existing credit card. Similarly, the services aren't of much use against debit and check card fraud, or in situations where an imposter might use another individual's Social Security number to obtain employment, he claimed.

In addition, they offer no protection against the fraudulent use of personal information for purposes such as obtaining a driver's license or making false claims for medical goods or services, Stephens said.