By Walter Dubowec

A new report from the Berkeley Center for Law and Technology finds that the world's biggest banks and telecommunications companies are most frequently the companies whose security is lacking and thus become targets for data breaches.

Unfortunately, it is consumers who become the victims of the eventual identity theft crimes. This is according to data collected from the Federal Trade Commission (FTC).

The study was compiled from 88,000 complaints filed with the FTC over a three month period in 2006. It concludes that major banks and telecommunications companies accounted for a much larger portion of the filed complaints than other industries.

             

According to author Chris Hoofnagle, a senior fellow at the Berkeley Center, the report was designed to provide consumers and regulators "objective tools" to compare banks, consumer service providers and utilities based on how they handle security and incidents of fraud and theft.

"Without such tools, consumers cannot 'vote with their feet' and choose safer institutions,” said Hoofnagle.

Here is a summary of the report's findings:

• Bank of America ranked highest of all the companies, with an average of 1,117 incidents over the three-month period. Next was AT&T with 763 incidents, followed by Sprint Nextel with 698. Rounding out the top five were JP Morgan Chase (including Chase and Bank One) with 613 cases, and Capital One with 442.

• The institutions with the lowest number of complaints over the period studied were Macy's (2.9 incidents per month), BellSouth (3.9 incidents per month), and Dell (1.8 incidents per month).

• In studying the banks, when Hoofnagle divided the incidents by total deposits, HSBC had a higher rate of fraud than Bank of America, at 21 incidents per billions of deposits compared to Bank of America's 17 incidents. ING Bank had the lowest rate of fraud, with one incident reported over the three-month time period.

The exact source of each identity theft crime is often impossible to accurately determine. Hoofnagle noted that many factors contribute to identity theft which complicates studying the findings.

Among them were incidents of "synthetic identity theft," where the thief takes pieces of genuine identities and forges a new false identity to commit crimes with, would not be accurately reflected in the complaints.

Hoofnagle also believes that the lengthy FTC complaint form could discourage many consumers from providing accurate data, which results in difficulty in linking incidents to the proper financial institutions and/or major service provider.