Entrusting data to an agency that breaks the law.

Martin H. Bosworth, at ConsumerAffairs.Com, discusses recent revelations that the TSA has broken a number of the very few laws limiting its almost unlimitable actions - such as collecting profiling data after promising not to do so. He writes, "This has aroused concerns among privacy advocates and opponents of the "Real ID" Act who believe that entrusting such a complex enterprise to companies that have already proven incapable of protecting the data they collect may lead to even more instances of identity theft." Some quotes:

Opponents of these provisions maintain that additional security requirements are not only burdensome to implement and unnecessarily invasive, but offer a dangerous opportunity for "information broker" companies to hoard even more data.

Acxiom itself was ahead of the identity-theft curve, as its servers were hacked by employees not once, but twice - first in March 2003 and again in July 2004. Both times, millions of aggregated data records were stolen and put up for sale on the "gray market" of identity theft rings.