U.S. Customs and Border Protection (CBP) has posted to its Web site a notice announcing that the China safeguard quotas on cats 338/339 and 352/652 filled on July 5, 2005 at 8:30 a.m. According to CBP, the proration amounts for entries presented at the fill moment are as follows:

In a statement containing his June 9, 2005 oral testimony before the House Government Reform Committee, Department of Homeland Security (DHS) Secretary Michael Chertoff answered a question on the use of third-party, certified auditors to improve container security/inspection, by stating that DHS is starting to talk about how it can tap into that expertise, so DHS doesn't have to own everything itself. Secretary Chertoff added that DHS wants to set the baseline, and does not necessarily want to operate it all as a government operation. (DHS statement, dated 06/09/05, available at http://www.dhs.gov/dhspublic/display?content=4536 )

Consumers need stronger federal protection against improper collection and sale of personal data and fast notice when sensitive data has been put at risk, the House Homeland Security Committee’s Democratic staff said. The report urged Congress to: (1) Regulate data brokers by extending the Fair Credit Reporting Act (FCRA) to data brokers like ChoicePoint and LexisNexis, requiring they hew to the same data-sharing standards and consumer protections as consumer reporting agencies. (2) Set data security standards imposing on data brokers and credit reporting agencies obligations similar to those the Gramm- Leach-Bliley Act places on regulated financial institutions. (3) Mandate uniform notification methods for data brokers, consumer reporting agencies and financial entities to use in notifying consumers after a breach in any data system in which an unauthorized party is likely to misuse sensitive data. (4) Require retailers to assume more responsibility for guarding customer data by stipulating any business that routinely collects and maintains customer credit card, check or other payment data notify customers or their financial institutions in instances of data breach. The report called data breaches and ID theft especially troublesome because they show how easily terrorists could adopt false identities to sneak into the U.S. or finance operations. And criminals use off-the-shelf technology to make counterfeit IDs that are hard to detect. The report was prepared for Democratic Reps. Bean (Ill.), Thompson (Miss.) and Markey (Mass.).

Consumers should be able to opt out of the databases held by consumer e-mail address list brokers, the Electronic Privacy Information Center (EPIC) said. A system letting consumers tell the 100 or so major list brokers they don’t want to get messages is more efficient than forcing consumers to tell every spammer the same thing, the system created by the CAN-SPAM act, said EPIC in comments to the FTC on CAN-SPAM rulemaking. List brokers collect e-mail address lists and sell them to companies who use them for mass e-mails. The FTC, EPIC said, can pursue list brokers, although they don’t fall under the purview of CAN-SPAM, by: (1) Using the FTC’s deception authority to act against firms claiming to give consumer e-mail lists only to “trusted partners” but instead making lists available to anyone; (2) Using its unfairness authority, since consumers can’t prevent their data from traffickers and the benefits list brokers provide are outweighed by the harm they cause; (3) Establishing an opt-out option by rulemaking and (4) Seeking authority from Congress to go after the list brokers. The comments likened EPIC’s proposed system to the FTC’s Do-Not-Call Registry, where customers place their names in a central database that bars telemarketers from calling them. While the 2 methods don’t function exactly the same way, EPIC said, both “strike at the root of the problem, rather than plucking at the leaves.”

A data broker snarled in a high-profile breach earlier this year has won a 5-year Internal Revenue Service (IRS) contract. ChoicePoint said Mon. the $20 million deal gives the IRS access to its custom data solutions. The award is for batch processing, which involves automated delivery and processing of data files, cutting the need for human intervention and enabling clients to generate relevant data on large populations in a timely fashion, ChoicePoint said. More than 25 federal agencies use ChoicePoint batch solutions to support their daily activities. The company in Feb. revealed the possible disclosure of data on more than 100,000 individuals in a breach, after which thieves defrauded numerous victims. Senate Judiciary Committee Ranking Democrat Leahy (Vt.) called the deal “especially galling right now to be rewarding firms that have been so careless with the public’s confidential information.” ChoicePoint’s recent breach was scrutinized in recent Judiciary Committee hearings Leahy requested. “The dust has not yet settled and the investigations are incomplete on ChoicePoint’s lax security practices,” he said. “We should at least take a pause before rewarding such missteps with even more government contracts.” The senator added that Congress needs to study these contracts and the adequacy of their provisions to protect security and privacy and their penalties for failures. Leahy said the contract highlights the need for the legislation he and Chmn. Specter (R-Pa.) have drafted. The bill would place privacy and security front and center in evaluating whether data brokers can be trusted with govt. contracts that involve sensitive information.

Companies would have to make data security breaches public, and those failing to tell consumers when they may be at risk of ID theft could face criminal prosecution, under a bill expected this week from Senate Judiciary Committee Chmn. Specter (Pa.) and Ranking Democrat Leahy (Vt.). The measure comes less than a week after MasterCard said a breach might have exposed 40 million credit cards to fraud. After a string of high-profile breaches involving ChoicePoint, Lexis Nexis and others, Congress and state legislatures have been inundated with proposals to clamp down on ID theft and tighten controls on entities that collect and distribute data.

U.S. Customs and Border Protection (CBP) has issued an ABI administrative message regarding Customs brokers and the Periodic Monthly Statement (PMS) bond rider requirement.

U.S. Customs and Border Protection (CBP) has posted to its Web site new "Trade Engagement Biweekly Reports" which summarize topics discussed during workshops held to develop the business requirements for Automated Commercial Environment (ACE) Release 5.

The National Oceanic and Atmospheric Administration (NOAA) has issued a notice announcing that it has renewed the affirmative finding for the Government of Mexico under the Marine Mammal Protection Act (MMPA). This affirmative finding allows yellowfin tuna harvested in the Eastern Tropical Pacific in compliance with the International Dolphin Conservation Program (IDCP) by Mexican-flag purse seine vessels or purse seine vessels operating under Mexican jurisdiction to be imported into the U.S., effective April 1, 2005 through March 31, 2006. NOAA explains that every 5 years, governments must request an affirmative finding and submit certain documentation. In addition, on an annual basis, NOAA will review the affirmative finding and determine whether the harvesting nation continues to meet the requirements. (FR Pub 06/17/05, at http://a257.g.akamaitech.net/7/257/2422/01jan20051800/edocket.access.gpo.gov/2005/pdf/05-12022.pdf)

FTC comrs. quibbled Thurs. with senators over identity (ID) theft provisions in current legislation. A Senate Commerce hearing also featured senators who aren’t on the committee pushing for more stringent ID theft provisions and a state attorney general defending states’ role in drafting ID theft laws. The hearing’s timing was fortuitous for the FTC, which announced a settlement Thurs. with a firm that suffered a breach (see separate story). Also Thurs., a security breach at the FDIC was made public. The agency told employees last week their sensitive personal data had been breached early last year and was used to get fraudulent loans in a “small number of cases,” the Washington Post reported.