This is the day we'll see one of the most successful product launches in history. It will be studied in classrooms for years -- by public relations students.

The launch of the iPhone is a phenomenon. Not a technology phenomenon -- a marketing phenomenon. For weeks, we've been pounded with incremental stories about this new little phone -- it will play YouTube videos! Its battery is new and improved (already?)! In 13 years of covering technology, I can't recall another product launch with more hype that the Apple's iPhone, unless you reach all the way back to the Rolling Stones and Windows 95. Well, maybe Dean Kamen's roller/scooter, going-to-change-commuting-forever thingy. What was that called, anyway?

Sorry, Apple faithful: It's not worth the hype.

Before you all start bickering with me, I've invited other MSNBC.com technology writers and editors, as well as NBC News correspondent George Lewis, to bicker with me. In the spirit of this overhyped day, we're calling this new feature Red Tape Wrestlemania! After my colleagues call me stupid, you can do the same below.

Let me qualify what I'm about to say this way: Apple has a built-in following which will make the iPhone qualified success, no matter what it is and what it does.

But there are so many factors that will limit iPhone's success, I don't know where to begin. Given all the whiz and all the bang, will it really last all day and play your iTunes on you evening commute? If it doesn't, you'll still need an iPod. Then what good is it?

More on point, what if Cingular's signal at your condo sucks? No matter how slick the thing looks, if the phone drops calls, you've got a $600 paperweight on your hands. Remember, Cingular/AT&T is the customer service complaint champ over at the Federal Communications Commission, and at Consumer Reports. Tying the Apple name to Cingular/AT&T service is certainly a risk.

What if Cingular's EDGE broadband network lives up to its reputation as inferior to Verizon's EV-DO network, or T-Mobile's 3G network? It's cool to receive e-mail attachments on your phone, not cool when your friend's $299 phone gets them faster. Web browsing on EDGE will likely be painfully slow. Again, if you get an iPhone and you need to find a Wi-Fi hotspot to use it, you have a very expensive, old-fashioned cell phone in your pocket there.

And what happens when you scratch that $600 screen with the keys in your pocket? Or when the battery dies after 300-400 charges? Or if your company won't fiddle with its servers and allow you to access corporate e-mail with it?

Apple hopes to sell 10 million of these things in the first year, and it probably will. But Cingular/AT&T only has 60 million total customers. Getting many more than 10 million of them to buy this top-of-the-line phone will be quite a trick. Will the iPhone raid other services' customers? Not so easy -- 50 percent of Americans say they can't switch because of early termination fees.

Then there's the gadget itself. Being Apple, I'm sure the interface will be a knockout. If anyone can make something out of touch-screen technology, which to date has really only worked on ATMs, it would be Apple. When I watch those TV ads, however, I imagine all but the most digitally dexterous will clumsily fat-finger through their e-mail day after day. Oops, didn't mean to open that. Oops, didn't mean to close that. I use my fingers now on my smart phone. It ain't pretty.

Launch of the iPhone has been repeatedly -- and erroneously -- compared to launch of the iPod. How quickly we forget. When the iPod arrived, the music download business -- business? -- was in utter chaos. Most files were stolen. Regular people didn't know what tunes played on what gadgets. MP3 players, such as they were, behaved like small, hard-to-use computers. Into this vacuum came Apple, with a beautiful device that had only two buttons. The gadget brought harmony to chaos, and it literally created the legitimate music download business.

There is no parallel to today's cell phone market. Adults already know how to use their phones; kids have no trouble texting each other. A new gadget with incremental improvements -- slightly better cell phone pictures, but nothing you'd really send home to grandma -- is certainly welcome. Here's hoping Apple pushes other smartphone makers to greater things. (Can we please talk on the phone and receive an e-mail at the same time? Anyone?)

But once Steve Jobs finishes downloading money from Apple faithful in the next few weeks, expect quite a slog (and soon, much lower prices) for the iPhone.

Michael Wann – Technology editor

OK, here's my two cents. $598.98 more and you can buy an iPhone.

The iPhone will be a huge success. In order to understand that, you have to look at it this way: It's not a new phone that plays music; it's a major upgrade to the already wildly successful iPod. And betting against a new iPod is a dicey proposition at best.

We’ve known for years that there was a real market for cell phones that play music, but the reason it never blossomed is that Apple, whose market position in media players far outstrips any other, had not yet made one. Apple’s iPod has more than 80 percent of the market for music players and iTunes, its online music store, is now the third-largest U.S. music retailer, according to the NPD Group. Apple has no real challengers in this space and likely won’t for the foreseeable future.

The high price point won't be a significant barrier, either. If you think about how much a good cell phone with a camera costs, then add to that the cost of an iPod Nano, you actually come up with a savings. At least that's how I would justify it to myself if I were to buy one.

The iPhone also won't fail because it's perceived to be inferior to smartphones or the Blackberry. Apple doesn't need to compete in that market. Anyone who wants business-grade e-mail service will still get a Blackberry.

But the market for business communications devices is minuscule compared to the market of regular people who like to send e-mail and text messages. Even with a keyboard on the screen, which could prove to be obnoxious, texting and e-mail will still be far superior on an iPhone than on a regular handset.

It could come to pass that talking on the iPhone and listening to music makes for short battery life, but terrible batteries in the early days of cell phones didn't keep people from using them. Also, the glass screen could prove easy to scratch or crack and be perpetually smudgy, which would be annoying. But neither of those would be deal-stoppers.

If the iPhone's interface isn't glitchy and if it truly moves as quickly as the demonstrations indicate it does, the transformation of the iPod from a media player to a powerful communications device will be a game changer.

George Lewis – NBC Nightly News Burbank correspondent

Bob, You make some good points. That unswappable battery may not be an issue for your average IPod user, but when it's your phone, that's another story. "I'll call you back in a couple of weeks when my IPhone comes back from the factory."

As for the wonderful AT&T EDGE service, we've got it on our NBC BlackBerries here in Burbank. I can drive halfway to LAX as I wait for my flight itinerary to load from the GE Travel website.

Then, there's the joy of writing on a glass keyboard. (Wall Street Journal tech columnist Walt) Mossberg tells me that after the first week, he got used to it and loves it, but there's just something about pressing keys that my senses demand.

And then, does it pass the klutz test? I've bounced Nokia, Motorola, and Samsung cellphones off the pavement, not to mention that BlackBerry. Wonder what would happen to the IPhone? Mossberg says he hasn't tried that test. Maybe that's why Apple wouldn't give me a demo unit ahead of Friday.

Allison Linn – Business writer

You hear a lot of discussion about the particulars of the iPhone: Will you be able to use that touch screen? Will the battery life hold up? Is it worth the price?

What about, What is the risk that Apple faces?

As my colleague Bob Sullivan pointed out, so far the most interesting thing about the iPhone has been what a brilliant marketing phenomenon it has become. Read the latest iPod story, and it’s not hard to visualize everyone else in the consumer technology business stuffing pins in their Steve Jobs doll, or throwing darts at their iPhone dart board. Why? Because no matter how many highly paid PR people they employ and how many sources they develop in the media or the blogosphere, they will never get the free publicity that Apple has garnered just by showing up.

Now, that's great news for Apple -- if the iPhone lives up to the hype. But what if the battery does prove shoddy? What if there's an embarrassing security breach? What if AT&T can't live up to its end of the bargain and provide the basic service -- a good connection -- that underpins the entire operation?

With expectations so high, some people are bound to be disappointed. Apple won't have a problem if there are a limited number of naysayers. But if there's a real flaw? With so much scrutiny, the iPhone has the potential to go from hot to flop faster than you can say, "Anyone remember the Newton?"

If I were an executive at Apple, that would be keeping me up at night.

Kristin Kalning – Games writer

I'm a Cingular customer, and I will not be buying an iPhone. At least not this go-round.

I have an iPod, but I wasn't one of the early adopters. The first ones were huge and expensive – and I just didn't need one. My plate-sized portable CD player worked fine, so I waited until it expired before grudgingly plunking down the dough for an iPod mini. I was giddy for a couple of weeks – how sleek! how easy! But then, six months into its short life, my iPod just stopped working.

I got another one – gratis – after spending a torturous hour with an Apple “Genius.” A year later, the same thing happened. I would have chucked the thing into the Puget Sound long ago had I not invested hundreds in iTunes media. I’m no longer in love with my iPod. We have a marriage of convenience.

So if past is prologue with Apple gadgets, I'll just hang onto my boring old Motorola whatever-I-have and wait for the iPhone to come down to Earth a little. I'll live without it. I have a phone. I have an iPod. They may not be the newest and the coolest, but I don't care. I don't need the newest and the coolest, and I'll bet that many of my fellow Cingular subscribers feel the same way.

Of course, when my husband saw the iPhone commercial, the one with the dog on a skateboard, he said: "Cool! I want YouTube videos for $600!"

O.K. But I'm not waiting in line.

Jasmin Persch – Technology intern

I am so over the iPhone. All the hype has cheapened it for me. While the touch-screen multimedia-playing, Internet-surfing mobile phone sounds impressive, the skeptic in me fears it's a good-on-paper gadget. Call it first-version jitters, if you want.

Then there’s the issue of the lofty price tag. As a budget-conscious intern, the iPhone isn’t financially within reach. And even if it was, I probably wouldn’t bite. I’d rather wait for others to test this new technology before I charge more than half a grand to my credit card.

Of course, if somebody bought it for me as a gift, I wouldn't turn it down. I have manners. But I'd hang on to my iPod and cell phone until the "I-can-do-it-all" iPhone proves itself worthy as my only wireless device.

Joe Hutsko – Technology writer

What I'm most wowed about are the calling plans, which include unlimited data access. I'm already an AT&T customer, and months ago I managed to find the $20 unlimited data add-on feature to my 1,500 anytime minutes plan (I joined AT&T when it was AT&T GSM, then it turned into Cingular, now it's AT&T again), and according to the new info, I'll be able to keep my plan as-is. That $20 plan I've enjoyed has enabled me to travel to the city for day or weekend trips and leave my notebook behind.

At one point I switched to a Treo phone, which was perfect for checking e-mail, using AvantGo and Vindigo for staying up on news when in the subway or finding restaurants or movie times, and staying in total sync with my contacts, calendar, and -- very important to me -- notes. When I heard the iPhone won't have AvantGo or Vindigo I thought no way will this thing work for me. Then I had an ah-ha moment: Wait, this thing has a real web browser and the promise of more widget-like apps. Who needs those two mini-programs when I can just find the real thing online?

Lucky for me most of my friends are also on AT&T, so mobile to mobile minutes are free. I may even switch to the less costlier plan and trust that my rollover minutes will accumulate over upcoming months. Will I get along with the keyboard? We'll see. But early reviews are saying it's totally workable. Will I miss the fact that there's no video or copy and paste feature? Probably, but those aren't deal breakers for me, and I suspect future software updates will make both missing elements, and more, possible.

The only thing I have not heard much about and want to know more on is the notes feature. Are they stand-alone "sticky" notes or will they sync with the Mac somehow, or with notes in Outlook for Windows users? Apple's upcoming OS upgrade, Leopard, shows notes built into the new e-mail client, so perhaps syncing notes between the iPhone and that application's notes feature is just around the corner.

Lastly, I'm one of the few people I know who actually reads eBooks on handheld devices – first on my Treo 680, and more recently on the Nokia 6682, because it has better reception than the Treo. No, there's no full keyboard, but I manage fine. And the application eReader works fine on it, so I'm never without a literary diversion when waiting in line or riding the subway or visiting a friend and crashing on the sofa. I just turn on my phone and resume whatever I was reading (currently a slow, pleasant read through Stephen King's "On Writing"). I'm hopeful the iPhone will have an eReader soon, and also a productivity suite like Desktop to Go for Palm and other devices, so the iPhone can create Word documents and the like. (The demo shows the iPhone opening a Word doc, but not creating it.)

Is the iPhone expensive? Darn-tootin', but when taken as a sum of parts it's not too outrageously priced. High, yes, but not so high that a gadget guy like me won't spring for one when my next couple of checks come in. Count me in.

Cyberbullying may not be as widespread as feared, as most teenagers are more worried about old-fashioned pushing and shoving than online tormenters, according to a new study.

Still, about one-third of all teenagers say they've been bullied through the Internet, complaining about a range of attacks that range from annoying to dangerous, according to research released Wednesday by the Pew Internet and American Life Project.

While focus groups with teenagers conducted for the study unearthed plenty of horror stories, the research suggests that computer-based taunting among children may not be as widespread as some feared. Only 6 percent of participants said someone had posted an embarrassing picture of them online without permission, for example. And 13 percent said someone has spread rumors about them online.

On the other hand, 67 percent of kids said they were more likely to face real-world bullying than cyberbullying.

Researcher Amanda Lenhart said the results were unexpectedly tame, given the media attention focused on the problem of cyberbullying. Computer conflicts apparently don't faze kids that much, she said.

"The computer is just part all the experiences kids have now," Lenhart said. "It's part of what it means to be a kid. ... Still, it's important to note that one-third of kids have been targeted."

Cyberbullying is psychological rather than physical, Lenhart said – but it can go far beyond virtual name-calling. Embarrassing photos secretly taken in schools, at parties, or on the beach can end up on the Internet, for example. Instant messages intended for a private audience can be posted on MySpace pages. And in a 21st Century version of traditional bullying, threats of physical violence are easy to make anonymously online.

During focus group discussions conducted after the survey, a 15-year-old boy told researchers he had threatened to kill someone online, but added it was only a joke.

"I played a prank on someone but it wasn't serious," he said, according to the report. "I told them I was going to come take them from their house and kill them and throw them in the woods. It's the best prank because it's like 'oh my God, I'm calling the police!' and I was like 'I'm just kidding, I was just messing with you.' She got so scared though."

Some bullying has unexpected consequences. One 17-year-old boy who talked with researchers said a photograph of him taken at a New Year's party was posted online without his permission and seen by officials at his high school. He was suspended.

The dangers of forwarded messages
The most prevalent form of cyberbullying involved publishing someone's private e-mails or text messages in a public space -- about 1 in 8 teens said that had happened to them. Many said the content of those digital conversations was sometimes altered to make the author appear to say embarrassing things.

"I was in a fight with a girl and she printed out our conversation, changed some things that I said, and brought it into school, so I looked like a terrible person," a middle-school girl said.

Alteration of digital content isn't always that tame. Another middle school student told researchers about a gay student's home page being taken over by young bigots.

"I have this one friend and he's gay and his account got hacked and someone put all these really homophobic stuff on there and posted like a mass bulletin of like some guy with his head smashed open like run over by a car," she said. "It was really gruesome and disgusting."

Lenhart said her study picked up a slim gender gap in online bullying: more girls say they are victims than boys. Girls 15-17 were about 10 percent more likely than boys the same age to be targeted. Girls 12-17 were almost twice as likely to report a particular form of cyberbullying -- having rumors about them spread online -- than boys.

"Bullies are very creative," Lenhart warned. "What we have here is junior high writ large."

RED TAPE WRESTLING TIPS
Like real-world bullying, there's really no way to stop cyberbullying. But there are a few things kids can do to limit their exposure.
• No privacy. Everyone knows this, but everyone forgets this. Everything you type online, even in private e-mails or IMs, can end up in public for all the world to see. For this reason, use the phone or talk in person for really private conversations. And remember, even innocent-sounding jokes can sound terrible when taken out of context.
• Strong passwords. Kids try to hack into each other's e-mail and MySpace pages all the time. Never share your password, even with friends (today's friend could be tomorrow's enemy). And use strong passwords, mixing letters, numbers, and punctuation characters so that it's hard for others to guess.
• Parental involvement. Parents need to be aware of cyberbullying techniques -- they are changing all the time, said Lenhart -- and keep an open dialog with their teens about the kinds of things they might be facing at school. For example, text-message bombing, which overloads a kids' phone with hundreds of messages, is the latest trick, Lenhart said.
• More parental involvement. Family therapist Susan Shankle, author of What in the World Are Your Kids Doing Online? endorses an aggressive form of parenting to put the brakes on cyberbullying: "Nothing takes the place of parental involvement," she said. "Parents need to periodically check computer history and cell phones for messages that a child may feel scared to report."

Just how easy is it to hack into a cell phone?

The strange story of Heather Kuykendall and her neighbors in Tacoma, Wash., begs that question. Kuykendall says someone has managed to hijack her phone and use it to spy on her. Whoever it is apparently is able to turn her phone on and off, order the unit's camera to take pictures and even enable the speakerphone function so the device can be used as a bug. You can see the icky details in a Michael Okwu report that aired Friday on the Today Show.

Cell phone hacking to read someone's contact list is one thing; but cell phone spying is a far more disturbing possibility. Could whatever happened to Kuykendall and her neighbors happen to you?

The short answer: Yes, but it's very, very unlikely.

Cell phones are loaded with so much personal information -- and have so many new capabilities -- that phone hacking has been the holy grail for computer criminals for some time. Remember the hubbub after Paris Hilton's T-Mobile phone was "hacked" and her contact list stolen? Her Hollywood friends were getting prank calls for weeks.

Today, phones have even more capabilities. Many have GPS chips, allowing telephone companies -- and probably hackers -- to determine the exact location of any phone user. If computer criminals could figure out how to hack into these smart phones, imagine the chaos that could follow.

They've been trying. For years, enterprising software developers have invented tools that turn cell phone handsets into spying devices. Some are even sold commercially. These tools remain very rudimentary, however. Most important: They require physical access to the phone, both to load the spyware and to turn it on.

If you think about it, this physical access requirement severely limits the threat of cell phone spying. An anonymous criminal tapping into your phone from across the Internet is frightening; having a family member or ex-boyfriend spy on your phone is still spooky, but that's not really a technology problem. After all, someone who had possession of your phone long enough install software could also read through your sent text messages.

There have been some demonstrations of spyware being added to cell phones without physical access -- over short distances using Bluetooth technology, for example.

New viruses being developed
In an effort to install cell phone spying software over longer distances, virus writers are also trying to invent Trojan horses that would trick consumers into downloading and installing spyware on their phones, similar to the way e-mail attachment viruses work, says Paul Miller, the head of mobile device security at Symantec Corp. But so far, there have been no confirmed attacks using this method, only experiments, he said.

Another problem for the virus writers: Only about 15 percent of cell phone users have "smart phones" with operating systems sophisticated enough to be hit by such an attack, Miller said.

That's part of the reason it's hard to hack cell phones. A PC hacker knows that any software flaw can be used to attack about 95 percent all computers, because the Windows operating system is so widespread. But there are numerous cell phone operating systems, so flaws can't be used for widespread attacks. Perhaps more important, hackers' can't build on one another's work.

"Any flaw you find couldn't be used on 98 percent of the phones out there," Miller said.

All these factors indicate that cell phone spying of the type that hit Tacoma would likely be committed by a family member, friend or neighbor.

But not everyone agrees that remote cell phone spying is so unlikely. Massachusetts-based security consultant James Atkinson says cell phones that run some operating systems designed to download new applications can be tricked into downloading spy software.

"It's just a matter of accessing the operating system," he said.

Atkinson could not point to confirmed cases of this happening. And if it were widespread, hacker chat rooms would certainly be abuzz with discussion about it. After all, when it became known that criminals could use caller-ID spoofing to hear other people's cell phone voice mail, that didn't stay a secret long. And stories of crazed ex-boyfriends spying on their former girlfriends through voicemail snooping were widespread.

That doesn't mean there won't some day be widespread spying committed with these incredibly sophisticated cell phone we are all carrying around. The more capabilities each cell phone has, the more chances that hackers can find a glitch and exploit it. So consumers should treat those smart phones with the same care they treat their PCs. Never agree to open a file or install a program that arrives unexpectedly, for example.

"These things are small computers," Miller said. "We want to get people the message to treat them like computers."

For the truly paranoid, you could consider removing your cell phone battery from your phone when you are not using it. That would foil any attempts to use it as a spying device. Of course, it would also severely limit the phone's usefulness. And you should balance a choice like that with the answers to some realistic questions, such as: How valuable would it be for someone else to remotely access your cell phone camera and take pictures of the inside of your pocket?

Every year, millions of Social Security numbers are "shared" by more than one taxpayer. Government agencies that collect taxes, like the Social Security Administration, spot this immediately. Sometimes it's an innocent mistake; sometimes, it's identity theft. But no one ever tells the victims.

That is, not until now.

A pilot project in Utah aims to warn consumers that someone else is paying state taxes using their Social Security number. Two years in the making, it is believed to be the first such project in the nation. The first "Dear Victim" letters, about 100, started arriving this week.

"We felt as their government that we had a duty to inform the victims so they can take proactive action," said Rich Hamp, assistant attorney general in Utah, who spearheaded the program.

Telling consumers that their Social Security number is being used by someone else might seem a simple proposition. But it's not.

The Utah project began in 2005, when Hamp's office was researching child identity theft. Working with the Utah Department of Workforce Services, which collects state employment taxes, Hamp learned the agency could cross-reference its public assistance data with its employment tax data and find Social Security numbers that were being used to double-dip. The search also unearthed thousands of numbers belonging to children receiving state benefits that were being used by adults earning money and paying taxes. The adults and the kids were essentially sharing Social Security numbers.

Why? There's no way to know without interviewing every victim. But Hamp believes many of those children are victims of identity theft. Many of the imposters, Hamp believes, are illegal immigrants who provide someone else's Social Security number in order to get a job.

It's possible for a victim to "share" a Social Security number with an immigrant and face no ill effects. Many illegal immigrants don't steal credit or do anything else that harms the victim's credit report. But often, they share these numbers with other family members – many victims report they have 5 or 10 imposters. Any one of them may ultimately run into financial or legal trouble that could ultimately be intermingled with the victim's identity. In one extreme example, a Bank of America customer named Margaret Harrison received a debit card with her name, but her immigrant imposter's face.

The problem is widespread. Each year, near 10 million people around the country pay their Social Security taxes using the wrong number, according to the Social Security Administration. In many of these cases, identity sharing – sometimes called SSN-only identity theft – is the cause. While Social Security has never examined the issue in detail, several indicators suggest many of the workers on the list are illegal immigrants, an issue we examined in-depth in "The Secret List of Identity Theft Victims."

$500 billion of earnings in limbo
When someone pays federal taxes using the wrong number, these "no-match" situations are flagged immediately by Social Security. When taxes are paid by a worker who is not the rightful holder of a Social Security number, the government sets the wage credits aside into what's called an "Earnings Suspense File." That file now holds more than $500 billion in uncredited earnings.

But the consumers involved are not notified that their Social Security number is being used by someone else.

Utah officials plan to change that, at least among state residents. Hamp's database merge produced a similar no-match list using available state records. In all, that data coughed up 20,000 numbers that were being used by multiple people, including 4,000 residents under 12 years old.

When the list of "shared" Social Security numbers was developed, the attorney general's office planned to notify children and their parents immediately. But a state law – the Employment Security Act -- stymied their efforts. It actually prevents the Department of Workforce Services from releasing any taxpayer information it collects to the public – even to the rightful owners of the information.

But Hamp and attorney general Mark Shurtleff didn't want to stop there.

"The attorney general's office was uncomfortable that we knew 20,000 individuals whose names and numbers were compromised, and we needed to tell them," Hamp said. So Shurtleff went to state legislators looking for a solution, and earlier this year the Employment Security Act was amended. Now, the agency can disclose Social Security mismatch information to consumers and to law enforcement agencies.

The new law took affect on April 30.

But there were still obstacles to sending out thousands of identity theft warning notices. Chief among them: Who would handle the inevitable flood of phone calls from victims who receive letters indicating they are likely victims of identity theft?

"The question is how do we notify people without clogging everyone's phone lines, without starting panic?" Hamp said.

Random sample, to start
The attorney general's office has set up a special Web site nicknamed IRIS (Identity Theft Reporting System) for victims who receive the letters. It provides necessary forms for them to file police reports and request fraud alerts and credit freezes from the credit reporting agencies.

Still, there were concerns that the "Dear Victim" letters could produce a much more emotional response.

So the Department of Workforce Services has decided to limit its initial letter-writing effort to 100 randomly selected victims, said agency spokesman Mike Richardson.
Agency employees searched for children aged 14 and under with quarterly earnings of $1,000 or more, then manually reviewed their files to pick out the most likely identity theft victims.

"We're doing it in a methodical way, so letters only go out to cases we're most concerned about," he said. The letters will direct victims to register at the IRIS Web site and begin the necessary paperwork.

While some might already know they are victims of identity theft, others likely have no indications they are sharing their identity. Accounts opened by imposters using SSN-only identity theft generally don't show up on credit reports or Social Security wage earning reports.

There is no guarantee that the letter recipients are really victims of identity theft by undocumented workers. Some children might be legitimately working, Richardson said. Some might be in the data by accident. Others might be victims of family identity theft -- parents sometimes use their children's Social Security numbers to shed bad credit reports, for example. Because the letters are going to parents, it's not likely authorities will hear back from those victims. And genuine victims might not react with as much alarm as some are predicting. Still, the agency didn't want to send out 20,000 notices and risk receiving 20,000 phone calls all at once.

"We will see what we get," Richardson said. "If all 100 (respond) and the attorney general's office is overwhelmed, that gives us an idea. If only 2 or 3 come back, then this might be workable."

At any rate, officials in Washington D.C. should watch Utah's effort closely. This experiment in government honesty -- we know you might be a victim, so we'll tell you -- could very well be a model for the Social Security Administration. MSNBC.com will track the Utah program and report back to you on its success or failure.

RED TAPE WRESTLING STRATEGIES:
Consumers who learn they are sharing their Social Security number with another worker have little recourse. They should place fraud alerts or security freezes on their credit reports, even if no illegal activity is apparent. An imposter who uses someone else's number solely for work purposes may one day run into financial trouble and be tempted to commit financial identity theft.

Checking annual Social Security earnings reports for mistakes is a good idea – particularly if you are not getting credit for your earnings. But SSN-only identity theft will not appear on this report, because only wages reported using the correct name and number are credited to your account.

Most consumers discover SSN-only identity theft by accident: A surprise denial when applying for unemployment benefits, for example, or a funny look or question from a bank teller when opening a new account ("Hmm, do you live in San Antonio, Texas?"). That might be a sign someone else has opened an account in your name at your bank or has given an employer your number somewhere else in the country. While these institutions are not legally required to share the bad news they see on their computer screens with you, many tellers and government employees will tell you informally. Don't leave and call a company official later; that official is less likely to be forthcoming.

What stands between a terrorist and a new U.S. passport? About two and a half minutes. That's how much time passport inspectors have to make sure applications are authentic.

Workplace quotas require passport inspectors, known as adjudicators, to process 24 applications every hour, according to Colin Walle, president of the federal employees union chapter that represents passport workers.

That's too fast a pace to catch would-be ID thieves, crooks or terrorists, the union has warned repeatedly. And internal memos obtained by MSNBC.com show that the State Department's Office of Passport Services has for two years in a row waived requirements to keep error rates on new passports under 1 percent. In some cases, high error rates have been blamed on Citigroup, which now performs initial processing of all passport applications, according to a State Department memo viewed by MSNBC.com.

Even at this breakneck, error-riddled pace, the agency will have trouble making a dent in a backlog of 3 million passport applications. If the State Department hired 200 new adjudicators today, it would take them nearly 90 days to work through the backlog -- assuming no time for training, according to MSNBC.com calculations.

Promised new workers missing?
Passport problems have a simple origin, Walle said: The State Department promised to hire nearly 400 new workers to handle the expected crush of new passports this year, when the Western Hemisphere Travel Initiative requiring passports for most North American travel took effect. So far, fewer than 200 additional adjudicators have been hired since the new requirements were announced two years ago, he said.

"Passport headquarters knew they needed a lot more workers, but they didn't get what they needed," Walle said. "Senior managers told us back in February '05 that they had requested an additional 468 staff (most of them adjudicators), but apparently someone else higher up … didn't grant the request."

According to data provided by the union, the passport office had 505 adjudicators in October 2005, and 698 as of June 11.

The situation is exacerbated by problems with outside contractor Citigroup, which is paid by the federal government to perform initial processing of applications, according to the U.S. Treasury Department. Citigroup-hired contractors open passport mail, cash checks and scan in hand-written applications in preparation for inspection.

The data, along with the applicant's supporting documentation, are then passed along to government employees who work as adjudicators. They decide, based on a database search and a glance at the documentation, whether or not a passport will be issued. They also double-check data entered by the contractors to make sure names are spelled correctly, addresses match, etc., before the passport is printed. Work standards require the adjudicators to maintain error rates of less than 1 percent.

Citigroup data entry mistakes blamed
But the software that Citigroup has used to scan the passport applications has produced error-riddled data results, according to the union. That's part of the reason the Office of Passport Services dropped the quality control standards two years in a row.

Most errors in passports are clerical, Walle said -- a misspelled name, an incorrect birthday or a swapped photograph. And not all can be blamed on problems with the original data entry. But those errors slow down the adjudication process, and hint at potential weaknesses in the passport processing system.

Citigroup took over the processing duties in 2005, according to the U.S. Treasury Department, which manages Citigroup's data entry efforts on behalf of the passport office.

Ann Barrett, then managing director of passport services, sent a memo to employees in November saying, "Due to the increased number of data entry errors by the new ... provider (particularly during the first half of 2006), passport specialists will not be rated for data errors." At the time, the memo said, Citigroup management promised to invest in new "Intelligent Character Recognition" scanning software to improve data accuracy.

"(I) personally talked with senior Citigroup management as recently as November 6 and impressed upon them the need to accelerate the introduction of this new ICR technology and to make other changes to their system, such as address verification, which should significantly reduce the error rate," the memo said.

But the problems persisted into this year, the union says. For evidence, Walle points to a memo sent to passport workers by a new acting director of passport services, Tyrone Shelton, on May 30 stating that error standards would be waived this year, too.

"We have decided not to evaluate passport specialists for data errors for the 2007 ratings cycle," it said. "Please encourage your supervisors to take this time to assist employees having difficulty achieving an error rate of less than 1 percent."

The memos were provided to MSNBC.com by the union; a State Department official asked about the memos did not confirm or deny their authenticity.

System is 'working well'
The State Department referred questions about Citicorp to the U.S. Treasury Department. Gary Grippo, assistant commissioner of Financial Management Services at the U.S. Treasury Department, denied Citigroup has any role in the troubles at the passport office.

"There have been no problems that are out of the ordinary," with Citigroup's data entry, Grippo said. "They are performing well … I'm not aware of anything that would contribute to a backlog."

He said he was not aware of the memo written by Barrett.

A Citigroup public relations official said the firm could not comment on individual contracts, citing customer confidentiality.

In Seattle's passport office, where Walle works, there is now a 100,000-application backlog.

"We've run out of shelves," the union president said, adding that overflow applications were at one time piled 6 feet high in bins that have at times overtaken the office's break room and some of the hallways.

Meanwhile, each of the passport adjudicators around the country is working mandatory overtime. Because of the way overtime productivity is calculated, workers on extra hours actually have slightly less time -- about 2 minutes and 10 seconds -- to inspect each application, Walle said.

RELATED COVERAGE

Analysis: Enough with passport fiddling, fine-tuning

Union members support the new passport requirement, Walle stressed, but said they want to be sure they have what they need to fulfill the requirements.

Not everyone believes the agency is working with utmost urgency to fill all open passport-related positions.

Len Perlman, 59, applied for a job at the Philadelphia passport processing center earlier this year through an outside contractor. After completing an extensive background check -- including nine non-family references -- he was hired.

"(Passport workers) are begging for help. They were so glad to see me on my first day," Perlman said. "… I've never seen anything like that."

'It is really chaotic'
Five weeks later, he was told he'd actually failed the background check, and was fired. Confused, he enlisted the help of Sen. Arlen Specter's office and was told two weeks later that the background check failure was an error. He is now eligible to be rehired, but has been told that process might take 30 to 45 days.

"There is irony in this whole thing," Perlman said. "It is really chaotic. This might be one of the reasons they are having trouble."

The Senate Foreign Relations committee is expected scheduled to hold hearings on the State Department's response to the passport problems on Tuesday.

MORE FROM MSNBC.COM

• Practical Futurist: Is the Internet dumbing us down?

• Circumcision's decline pinned on immigration

• Missing woman's toddler son may offer clues

Military spouses are frequent targets for charlatans, so they're frequently warned to maintain a healthy skepticism. But the latest identity theft scam targeting soldiers' families is enough to make even a veteran crime fighter's skin crawl.

Creeps are calling up military spouses, posing as representatives of the American Red Cross. The caller tells the spouse that his or her husband or wife has been injured in Iraq and taken to Germany for life-saving treatment. But the treatment cannot begin, the caller says, until the spouse provides the soldier's Social Security Number and birth date.

There is a very warm place in hell for anyone who would pull such a stunt. It's hard enough spending every day stateside, praying that a call or visit with that kind of bad news never arrives. That tension could make anyone crazy, and vulnerable. To use that vulnerability as an angle to commit identity theft is subhuman.

Let's dispense a few facts first. The Red Cross says it never makes this kind of phone call. News about casualties is always delivered to families by the U.S. military.

Second, soldiers' Social Security numbers tend to be among the worst kept secrets in the military. Since the 1960s, they've been used on dog tags, printed on rosters, and exposed in all manner of careless ways. In fact, seemingly everyone knows your SSN if you're in the military -- a very sore point among soldiers. It's highly unlikely that a Social Security number would stand between a solider and their medical care.

No one -- not a military spouse, not a family member, not a friend -- should ever give out personal information like this to a caller. If you are ever tempted, tell the caller that you have to hang up, and ask for a return phone number. That will give you time to think, and it will probably make a con artist give up. The bad guys generally won't give out a phone number.

In April, the Red Cross issued a warning about a similar scam targeting the families of soldiers in Alabama and Michigan. In that version, the caller said the solider was missing in action. Arkansas Assistant Attorney General Brad Phelps told MSNBC.com that his office has received 10 complaints in the past week about this latest variation of the scam.

"It's a fairly common tactic in these kinds of scams," Phelps said. "(Criminals) convey a sense of immediacy, a sense of crisis to the consumer, and hope the consumer will respond with the personal information."

Criminals who stoop to such lows may not realize what they have coming to them. Impersonating a member of the Red Cross is a federal crime, punishable by up to five years in jail, according to Arkansas Attorney General Dustin McDaniel. Families that receive such a call are urged to capture the caller ID information and contact their local police department.

Military families with any concerns also can contact their Family Readiness Group, which provides support an information on the home front.

"It is reprehensible that people would try to illegally profit off of the brave men and women who are risking their lives fighting for our country," McDaniel said. "The only thing worse is that they do so by preying on the emotions of their husbands and wives."

MORE ON MSNBC.COM

• ConsumerMan: Military families the target of Red Cross scam

Consumers have a love-hate relationship with rebates. They're great when they arrive and maddening when they don't. And many consumers have been burned by a promised rebate that never arrived, leaving them with a healthy dose of skepticism about the process.
There are new reasons to be skeptical. Many firms have taken to issuing debit-card-like gift cards instead of rebate checks. Known in the industry as "prepaid rebate cards," the cards do offer some benefits. But they also come laden with gotchas that can leave you with worthless plastic.

Like some gift cards, rebate cards can lose their value over time. But unlike gift cards, the dollar drain on rebate cards can begin as soon as three months after they're issued. Some rebate cards charge fees for activation or checking balances, too.

Many consumers who buy products promising rebates are surprised when plastic arrives instead of paper.

"Rebates in the form of gift cards seem to be more and more common, but not always well disclosed in ads," says Evan Johnson, who researches gift card fees for the Montgomery County (Maryland) Office of Consumer Protection. "My perception is that even when ads involving a gift card rebate make clear that is the form of the rebate, they often don't state the limitations of the cards."

Let's look at some of the small print on these cards.

Sprint recently offered a $25 incentive to current customers who talked friends into signing up. The friend also received a $25 rebate. Both "referral rewards" came in the form of a debit card, and that debit card came with a lot of explanation. There was a $3 "account maintenance fee"; a $15 "over-limit" fee; a $6.95 "plastic replacement fee"; and a 3 percent international transaction fee.

But that was only the start of the small print. Elsewhere on the explanation page included with the card, Sprint explains that the $3 monthly account maintenance fee kicks in when accounts are considered inactive. That can happen at one of two times: six months after the card is issued or three months after the card is first used. That means a consumer who puts the card in a drawer for six months will see that $25 card become a $22 card. Seven months later, it will be worth just $1.

Consumers who use the card right away have it even worse. If you receive a $25 card on July 1 and buy a $10 movie ticket, the $15 balance will decline to $12 on Oct. 1. And if you don't use it by Feb. 1, the card will be worthless.

Dormancy fees, only worse
In the gift card business, these are called dormancy fees. Dormancy fees were standard until several years ago, when increasing consumer outcry -- and regular embarrassing reports issued by the Montgomery County Office of Consumer Protection -- forced nearly all retailers to drop them. The process was helped along by the Federal Trade Commission, which said it was scrutinizing gift card fee disclosures in 2006, and later took legal action against the owner of Red Lobster restaurants.

But the dormancy fees on retail store gift card fees didn't kick in for 12 months or more. In that light, the three-month inactive term on rebate cards seems exceedingly short.

Sprint's cards were issued through Ecount, a big name in the prepaid debit card business. The firm was acquired by Citicorp in March. During a brief conversation with the firm's public relations department (the firm didn't respond to an interview request in time for this story), I was reminded that old-fashioned rebate checks also expire -- sometimes as quickly as 90 days after being issued. That's true.

Better than paper?
Rebate cards offer a real advantage, too -- consumers don't have to go to the bank and cash them before using the money.

The Network Branded Prepaid Card Association, which helps market rebate cards, says there are other benefits. It says 35 million U.S. households don't have a bank account and cannot easily cash rebate checks. And the value of lost or stolen rebate cards can sometimes be recovered. That's not the case with rebate checks, which are worthless if lost.

Still, only those with a magnifying glass or exceptional eyesight can find and read the fee disclosures on these prepaid rebate cards. Many will be surprised when their value starts to drain away within three months of arrival.

Adding to the confusion, there's a meaningless expiration date embossed on the front of each card. It's only there because credit card processing systems require transmission of an expiration date. To hammer home this point, the terms and conditions for the card includes this phrase, bold and capitalized; "AVAILABLE FUNDS DO NOT EXPIRE."

Of course the funds do expire, though not on the date on the card. A consumers who thinks he or she has that long to use it will be sadly mistaken. In contrast, rebate checks prominently feature the expiration date.

Trouble at checkout
The cards have another important shortcoming. Some merchant credit card systems have difficulty processing them. For example, the cards often can't be used to pay for part of a purchase, so a consumer who tries to use a $25 rebate card to pay for part of a $29 item will sometimes find the purchase declined. Convincing a retailer to take $4 cash and then ring up a $25 card purchase separately usually works.

It's too early to tell whether rebate cards or checks are better for consumers. Traditional rebate checks have myriad problems that experts say contribute an incredibly high rate of "breakage" – the amount of rebates consumers never claim – of around 40 percent, or $2 billion per year. On the other hand, unused gift card money amounts to nearly $8 billion annually, representing about 10 percent of all gift card value, according to TowerGroup. Consumers can get screwed both ways. Either way, you'd better get used to rebate cards – there's now 10 million of them in circulation, according to the prepaid card association.

That's why it's important to read up on how rebate cards work:

RED TAPE WRESTLING TIPS

• If you do receive a rebate card, know that it likely comes laden with gotchas. Johnson says there's no way around the old-fashioned advice to read the fine print.
"(It's) real important for consumers to ... read the front and back of the gift card and any accompanying materials very carefully when they are received," he said.

• It's sad but true: Your best bet is to spend the card as soon as you can after you receive it.

• If you try to use it at a store are run into trouble -- if the transaction is denied – try to talk the merchant into splitting the purchase into two transactions, and make sure one matches the exact value of the card. If that doesn't work, or you are unsure of the balance, use the card on a smaller purchase and check the balance at the next available opportunity.

• Treat rebate cards like cash. According to the terms listed on the Sprint card, consumers have far fewer rights to recover the value of the rebate card if it is stolen than they do with a credit card. The Sprint card indicates that consumers must tell Ecount about potential theft within 24 hours of learning about it, or face the possibility of being "held liable for all the unauthorized transactions." Credit and debit card time notification limits are far more liberal.

Also, the Sprint notice says explicitly that if you "share your Ecount Card number with another person, use of your Ecount Card by that person may be considered as authorized." That small print could limit consumers' rights to compensation if they fall for a phishing scam and accidentally give their account number to a hacker. In the past, the Federal Reserve has ruled that accidental divulging of ATM PIN codes through phishing that leads to bank account theft does not constitute an authorized transaction, and consumers who make that mistake retain their rights to a refund. It's not clear what refund rights you'd have if you gave your rebate card data to a hacker, though, so you're best off spending the card before you have a chance to lose it.

MORE ON MSNBC.COM

• Passport rules may be delayed until mid-2009

• Sex offenders on MySpace arrested

• Bee killers? Pesticides are a probable cause

Those of you who can't resist rubbernecking at the car accident that is Paris Hilton should beware -- others may discover your guilty pleasure.

Everyone knows that nothing you do online is really anonymous, yet nearly everyone forgets that on a regular basis. Your boss, for example, can easily find out how many Paris Hilton news items you read every day (a total that just went up by one). And if you engage in less-than-appropriate Web browsing through pictures and videos of famous female celebrities, well, that's easy to spy, too.

Which brings me to something even more embarrassing: Being exposed as someone who paid for a glimpse at less-than-appropriate pictures of Paris Hilton.

Not long ago, Hilton failed to pay the rent on a storage facility near Los Angeles, and its contents -- which included some racy photos and videos -- were scooped up by an Internet entrepreneur.

The X-rated material was later published at ParisExposed.com, available to any poor soul willing to pay $39.97 for a password. In February, a judge ruled that the site violated Hilton's privacy, and it was taken offline.

This week, the site was back: but this time it exposed much more than Hilton's private parts, according to TheSmokingGun.com.

Editors at The Smoking Gun, famous for their ability to obtain raw documents related to big news stories, recently discovered that ParisExposed.com suffered from a security vulnerability. Apparently in their haste to get their valuable content back online, the ParisExposed authors forgot to tell their shopping cart software to hide its customer list. The Smoking Gun was able to view a simple text file that apparently contained information on the site's registered users, including their names, e-mail addresses, credit card numbers and so on. There appear to have been about 750 names on the list, based on intentionally obscured versions of it published on The Smoking Gun, which decided against publicly embarrassing the Hilton fan club. The list included members from 27 foreign countries and the son of a "famous TV news personality," the site said.

Editors decided a public flogging was unnecessary.

"We decided to give the kid a pass since his name appeared on a 'document' that really should not have been public," editor Bill Bastone said in a brief interview.

A Smoking Gun reader alerted the site to the security flaw, he said. The reader noticed that the login process at ParisExposed.com was not secure, and found the customer list text file merely by fiddling with the URL.

Those who want to rubberneck on the rubberneckers are too late, however. A few hours after The Smoking Gun contacted the site, the list was removed.

Attempts to reach the authors of ParisExposed.com were unsuccessful. The Web site appears to be hosted in Costa Rica now.

This is hardly the first time X-rated Web sites have utilized less-than-stellar security and exposed their members.

Wired.com recently reported that sex lube maker Astroglide accidentally published its customer list of 250,000 people. Four years ago, Wired reported another incident in which a spammer's customer list was left out in the open, revealing the names of 6,000 people who'd purchased Viagra during a four-week period.

Exposures can happen even at big-name sites. In 2002, MSNBC.com reported that a glitch at the Victoria's Secret Web site allowed customers to view other customers' orders. A year later, the site reached a settlement with the New York state attorney general's office, paying a small penalty and agreeing to improve site security.

You just can't count on secrecy with anything you do online. And too much Paris Hilton gawking can harm you in unexpected ways. Occasional reminders of both these possibilities apparently are necessary.

With so much fighting going on about people who want to get into the country, we didn't realize how hard it is to get out. Chaos at the U.S. Passport office has left thousands of travelers stranded stateside, many of them holding useless airplane and cruise tickets -- a situation one critic calls "reverse Ellis Island."

The irony isn't lost on Tarina Oliver, who last week canceled a trip to the Dominican Republic when her passport didn't arrive on time. Oliver, 43, had planned to visit her sister, Camille Tillinghast, who's teaching English for a year to kindergarten students on the poor island. Oliver also was going to bring her 4-year-old daughter Josephine to give her a chance to experience life in a very different place.

"The opportunity to visit the Dominican Republic doesn't come around too often," Oliver said. Now, the opportunity appears to be gone, doomed by red tape.

Oliver is no procrastinator. She applied for her passport on March 26 for a trip that was going to begin June 2. At the time, the official at the post office where she submitted her application said she would have "no problem" getting her passports in time. In fact, he recommended against paying extra for expedited treatment.

Oliver spent the last month frantically trying to get word on the missing passports, and landed in a quagmire worthy of a Kafka novel. For travelers leaving within 14 days, the passport office advises citizens to get an in-person appointment at a local office. To do that, you must call a toll-free number. But when you call, you hear a five-minute recorded message that pleads for patience, advising callers that there is unprecedented demand for passports. At the end of that message, the recording says no one is available to answer the phone, and tells listeners to try again later, perhaps between midnight and 8 a.m.

"I tried that," Oliver said. "I never got through."

Some applicants are storming passort offices around the country anyway -- but that's not a great option for people like Oliver. There's only 13 regional passport offices that are really equipped to solve problems, and they are only in large cities like Washington D.C. and Seattle. Most people like Oliver apply at "passport acceptance facilities" like local post offices. A visit to these offices will net troubled applications little more than blank stares.

So for now, Oliver and her daughter are trapped inside the U.S. borders, victims of increased security procedures designed to keep dangerous people out.

Avalanche of new applications blamed
The Passport Services Office at the State Department blames an avalanche of applications filed earlier this year for the mess. Because of new rules requiring passports for North American travel, applications are up about 37 percent, the office says. Last year, 12.1 million passports were issued; this year, the agency is on pace to issue 17 million.

While that's a sharp increase, it was completely predictable. The passport reform was mandated by the Intelligence Reform and Terrorism Prevention Act of 2004. Soon after, the State Department announced the Western Hemisphere Travel Initiative, which requires passports for travel to places like Mexico and the Caribbean.

By stranding travelers like Oliver, the State Department has shown it cannot handle the demands of increased security. After all, if the office's computers and personnel cannot handle a completely predictable increase in passport applications, how can it be expected to keep out terrorists?

e-Passports to blame?
The passport chaos raises other important questions. A 37 percent increase is not a 300 percent increase. Yet many citizens are reporting that passports aren't arriving until three months or more have passed. That's a three-fold increase over wait times a year ago. How did things get that bad, that fast?

Late last year, the State Department began issuing snazzy new passports that include a small computer chip loaded with personal information about the traveler. The chips are supposed to make the documents harder to forge. They can beam data through radio waves to passport readers, which should speed up immigration lines. But there was great debate around the chips -- computer security experts warned that the chips can be hacked and that would-be imposters could lift data from them without even touching the traveler. Debate on the security of the chips is ongoing. (As is debate on enhancements to many government-issued IDs; click to see our 'Privacy Lost' special report.)

State Department spokesman Steve Royster said the changeover to new passports, called "e-Passports," had nothing to do with the problems. So far, the agency has issued 3.7 million chip-enabled passports since August – meaning most passports issued so far this year have been the traditional kind – but now nearly every new passport is an e-Passport, Royster said.

Barring some other explanation, it's hard to imagine this major change has had no impact on passport delays. And one has to wonder if the chip-enabled passports -- designed to one day carry biometric information like fingerprints – can be trusted to an agency which can't even answer the phone.

Relaxed requirements
On Friday, the State Department announced it would relax passport rules for North American travelers. A passport application receipt, printed from the Web, and a government-issued ID card, will be honored as travel documents.

Now, there's the advanced security we've been waiting for.

Tarina Oliver

The relaxed rules won't help Oliver, however. She sent her child's birth certificate in with the passport application. Without that, she has little hope of getting a state ID card from the motor vehicles department for her daughter, which she'd need to satisfy the new rules.

The rules change also doesn't help anyone hoping to travel anywhere else in the world. Without a passport, you're still trapped inside the country.

All hope is not lost for Oliver, however. Her sister, Camille, doesn't leave the Dominican Republic until later this month. If the missing passports arrive in time, Oliver and her daughter could book another flight. She'd have to pay large ticket change penalties, but at least she wouldn't lose the entire value of the tickets.

We should tell you that Oliver's sister, Camille, is married to MSNBC.com's president and publisher, Charles Tillinghast. That's how this story landed on my desk. But Oliver is one of only thousands of victims facing passport panic.

The best collection of complaints I found was on the WhirldView blog, published by a retired foreign service officer named Patricia Kushlis. She's been tracking the passport problems since February.

"Seems to me the whole process needs a major revamp, a reality check at the top," Kushlis said. She's the one who has taken to calling the passport bottleneck a "reverse Ellis Island."

Red Tape Wrestling Tips

1) The only thing that really works, Kushlis said, is calling your local congressional representative and appealing for help. Every House and Senate member has a staffer who deals with passport problems. Call the office and speak directly to that staffer, Kushlis said. Many of her readers have had success that way, but of course, it's not guaranteed.

2) Apply early. You'd be well served to give the State Department four full months to turn around your application. If you have a passport, check now to see it it's expiring in the next year and don't put off the paperwork.

3) If you are desperate, there are "passport expediters" who will get you faster turnaround for an extra fee of $100 or more. You can find one by doing an Internet search for "passport expediters." These agents are not affiliated with the government, however, and paying them could be risky. Tread this ground with care.

MORE ON MSNBC.COM

• Ancient Rome rebuilt in virtual reality

• New Stephen King thriller coming to Esquire

• Father in 'honor killing' found guilty of murder

Your credit score might be costing you hundreds of dollars each year on your auto insurance, but you'll never know. It's a secret. And it looks like it's going to stay that way.

Consumers took a shot to the gut this week when the U.S. Supreme Court unanimously ruled that insurers don't have to tell them when they are paying more for auto insurance because of their credit scores.

Many drivers don't even realize their credit scores are used in the complex mathematics used to calculate insurance rates. Ditto for most homeowners. But it's true in most states; credit scores are used to raise rates for some consumers and lower them for others. There's no way to know who is paying more and who is paying less or how much the credit score penalty is because, as I've said, it's a secret.

But Birney Birnbaum, an industry critic who works for the Texas-based Center for Economic Justice, says low scores can actually double some drivers' rates.

Angry consumers recently sued insurance giants Safeco and Geico disputing this secrecy, and won. A federal appeals court agreed with the trial courts, ruling in both cases that it was unfair to penalize consumers because of their low credit scores without providing notice.

But on Monday, the nation's top court overruled the appeals court. America's video replay judges decided the referees on the field got it wrong, and ruled insurers didn't have to provide such notice after all.

In a not-so-thoughtful analysis, Justice David Souter offered one line of reasoning to rule in favor of insurers: Credit score penalty notices would become so commonplace that they would "go the way of junk mail." Really, he did write that. See for yourself. (Acrobat required)

Perhaps Souter can afford to ignore mail that indicates he is paying a $200 penalty surcharge on car insurance, but I suspect few Americans would carelessly toss such notes in the trash.

Higher rate, but why?

Here's what's going on. In general, when a credit score is used to deny a consumer something -- such as a job, an apartment, or a loan -- the Fair Credit Reporting Act requires the company involved to send a letter called a "notice of adverse action" to the consumer. The law makes sense. Millions of credit reports have errors, owing to sloppy data entry or identity theft. Consumers who are penalized have a right to see the report and check for such costly mistakes.

As the use of credit scores has expanded dramatically, far beyond their initial function of determining credit-worthiness, concerns arose about how the notice of adverse action applies in these other arenas. Often, the notices aren't sent at all, and that's wrong. Any time consumers pay a higher rate than they would if they had an ideal credit score, they deserve to know about it.

Birnbaum and others have long argued that consumers should know exactly how much the penalty is, and what the ideal credit score is, so they can check for credit report errors and aim for the ideal score. That was the argument put forth by plaintiffs in the Safeco and Geico cases.

But Geico offered a more tortured, and ultimately more persuasive, argument. It said that it could calculate insurance premiums based on a "neutral" credit score -- in other words, what consumers would pay if credit scoring was never used at all. Only consumers who paid more than this "neutral credit score" rate suffered an adverse action and should be notified, the firm argued. The judges agreed.

Souter: There's a 'loophole'

Souter admits things still aren't ideal. For example, the ruling means there will be consumers who pay higher insurance rates because of credit report errors and will never receive notice, he concedes. He even admits the plaintiffs' assertions that this is a "loophole." But he said he was more concerned about the threat of adverse action notices flooding America with junk mail.

"We think the cost of closing the loophole is too high," he wrote.

There is an even bigger loophole, however, that Souter fails to mention: the setting of this "neutral rate." What will it be? Certainly it won't be an average credit score. It might even be so low that virtually no consumer receives an adverse action notice.

Justice John Paul Stevens saw it that way and wrote in a separate opinion that he disagreed with the majority's logic on that point: "I find it difficult to believe that Congress could have intended for a company's unrestrained adoption of a "neutral" score to keep many (if not most) consumers from ever hearing that the credit reports are costing them money."

He also poked fun at the rest of the court and its junk mail reasoning: "The court ... (reasons) that frequent adverse action notices would be ignored. To borrow a sentence from the court's opinion: 'Perhaps.' But rather than speculate about the likely effect of hypernotification ... I would defer to the Solicitor General's position, informed by the Federal Trade Commission's expert judgment, that consumers by and large benefit from adverse action notices, however common."

In this case, our nation's highest court of referees missed a foul call. The tortured logic of protecting us from junk mail (why start now?) is comical. Allowing insurance companies to set the bar for when adverse notices are sent is akin to giving the fox the keys to the chicken coup.

The ruling is even more discouraging when you consider the ever-expanding universe of credit scores, which are used to judge us in more realms every day. Clearly this ruling emboldens any industry that plans to use credit reports to penalize us and wants to do so in secrecy.

Red Tape Wrestling Tips

• Not all states allow insurance firms to consider credit scores. The practice is banned in California, for example. Call your state legislator and ask him or her to support a ban on the use of credit scores to set insurance rates in your state. Congress could amend the Fair Credit Reporting Act to require more adverse action notices by insurers, but that's a pipe dream at the moment.

• Your state's insurance regulators can control the use of credit scores and adverse action notices, says Birnbaum. Contact your board and ask it to do more.

• As with all major purchases, shop around. Get quotes from at least three companies before buying insurance, as each firm uses its own algebra to apply credit scores.

• Before buying home or auto insurance, get your CLUE report. CLUE stands for Comprehensive Loss Underwriting Exchange. It's a massive database used to log claims you make, or claims made in association with any property. Never buy a home without first ordering a CLUE report for that address, as home insurance rates can vary house-by-house, and some homes simply can't be insured because of a history of claims. CLUE reports are free from the company that maintains the database, ChoicePoint, and are available at ChoicePoint's consumer Web site.

• Finally, beware notices from insurance companies offering congratulations for a discount you've earned thanks to your credit score. Birnbaum says these are often adverse action notices is disguise, offering a small discount from a higher rate.

MORE FROM MSNBC.COM

• Slave passageway found under George Washington's home
• Vitamin D shown to reduce cancer risk in women
• Brain mix-up triggers strange sense of deja vu

While people always seem to want what they don't have, they tend to inflate the value of the things they do have. Economists call this the "endowment effect" – once something becomes part of your endowment, you are naturally reluctant to part with it.

So you might demand that someone pay you $2,000 for that 1983 Mustang convertible in your garage, even though you'd never pay $2,000 for the car if you were the buyer.

The gap between the buy and sell price you'd set is one reason that house negotiations often go haywire. Homeowners nearly always overestimate what their property is worth – or more specifically, what someone else will pay for it. Often, people initially set a price for their home that they wouldn't pay if they were the buyers.

When discussing cars or homes, the endowment effect is fairly easy to spot. But in the realm of abstract ideas like privacy, things get a bit more complicated.

Still, consideration of this buy-sell gap should be an important part of any serious discussion about privacy, says economist Alessandro Acquisti, a professor at Carnegie Mellon University and a member of the school's Privacy Technology Center.

Few willing to pay for protection

Studies have repeatedly shown that the average person won't pay anything to protect his or her privacy, and will do very little to protect it. Shoppers won't pay extra to buy from more security conscious stores; AOL users won't pay more for security tokens that protect their logins; and consumers readily surrender critical data such and home addresses in exchange for coupons and small discounts. That has led many observers to conclude that consumers don't value privacy at all.

But to Acquisti, those observers are only looking at half the equation -- what people will pay to protect their personal information. What they would demand in exchange for explicit permission to distribute their personal information – something he calls "pay to allow" – is another matter entirely.

"If you ask people how much they would sell their personal information for -- sensitive information like how many sexual partners they've had -- they will say a very high price," he said. "When we talk about the value of privacy to people, perhaps that's the number we should talk about."

Acquisti and fellow economist Jens Grossklags set out to quantify this buy-sell gap in a recent study. Privacy research is tricky because research subjects cannot be harmed, so the two could not simulate truly troubling privacy problems, such as exposure of Social Security numbers to Internet criminals.

Instead they created a relatively harmless survey that asked questions about innocuous data like height and weight. They gave survey takers $5 and offered one set an extra 25 cents or an extra $1 for permission to share the survey results with others – pay to allow. They told another group that if they were willing to take $1 or 25 cents less than the initial $5 gift, their information would be kept private – that's pay to protect.
In this limited experiment, just about everyone went with the money.

My sensitive data? That'll cost you!

But in a companion survey, as soon as the questions became more sensitive, the pay-to-protect and the pay-to-allow crowds diverged. Survey takers wanted quite a bit of cash to share information on sexual partners, for example. Several said they'd want $1,000 or more to share that kind of information.
"And that's what we'd expect," Acquisti said.

The value equation for personal information becomes is complex, said Grossklags, because selling data differs from selling personal goods in one important way: If you sell your Mustang for $2,000 (and you didn't overpay), you can always buy another one for about the same price. But once your personal information is sold, it's gone. You can't buy your privacy back. These kinds of one-way transactions are hard for consumers to value.

Perhaps that's why in survey after survey only about 10 percent of consumers care enough about their privacy to actually change their behavior – to avoid store loyalty cards, EZPass systems, and the like, says another privacy researcher, Larry Ponemon of the Ponemon Institute. Nearly two-thirds of people say they care about privacy, but don't do anything to protect it, he says.

There are two explanations for that, Ponemon says. Perhaps most people don't really care about privacy after all. Or, perhaps they think they are entitled to privacy – it is part of their endowment – and therefore they shouldn't have to do anything or pay anything to protect it. Avoiding EZPass is expensive; avoiding store loyalty cards can be very expensive.

"People may believe they are entitled to their privacy, and it shouldn't cost them anything," Ponemon says.

Why it matters

This is not merely an intellectual discussion for privacy wonks. As our legal system wrestles with determining just how victims whose privacy is invaded should be compensated, equations like these are being thrown around. Companies, accountants, and insurers may one day have to calculate whether there is a dollar figure that victims should receive where their personal information is lost. Or if there is an amount consumers should fairly pay to get themselves "off the grid," to get off of marketing lists and out of private research databases.

In a recent Ponemon survey, consumers said they should be well compensated when their personal data is leaked. Nearly 70 percent said they should be paid more than $5,000, and 42 percent said more than $10,000, when a company loses their personal information. Of course, if you ask someone how much money they should get for anything, they tend to be – let's say – optimistic. But these numbers provide another point of view when policy makers talk about the value of privacy, and they provide evidence that people place a high value on privacy even if they don't always act that way.

What do you think? How do you value your privacy? Take our short survey and find out how others value their privacy.

MORE ON MSNBC.COM

Privacy Lost: A special report on a vanishing right

Scientists find 24 new species in Suriname rainforest

Two in U.S. charged with plotting Laos coup

VIDEO: June 1: Many consumers don't realize how easy it is to overdraw their checking accounts. MSNBC.com's Bob Sullivan reports.

A few weeks ago, we shared the story of Rachel Poor, who faced a double-barreled 21st century nightmare when an identity thief stole her money and her bank piled on with penalty fees. In addition to losing thousands of dollars to the thief, Poor faced a maddening set of overdraft charges -- 22 to be exact -- while she tried to dig out of the hole her imposter put her in. 

The column resonated with Red Tape readers -- 1,300 comments were left on the blog, a record. Many writers expressed bitterness and frustration toward their banks and described their own overdraft fee nightmares.

Well, help may be on the way. Two major studies are being conducted to examine bank bounced check practices -- one by the Federal Deposit Insurance Corporation and one by the General Accountability Office, Congress' investigative arm. Federal legislation introduced by Rep. Carolyn Maloney, D-N.Y., would bar many current bank overdraft practices. And a congressional hearing is planned for later this summer to highlight abuses of the practice.

"Congress should help rein in the billions of dollars in hidden overdraft fees that bank customers are forced to shell out every year," said Maloney, who chairs the House Subcommittee on Financial Institutions. "Hidden overdraft fees are unfair, and fairness is an essential component of a safe and sound banking system." 
 
Why do overdraft fees seem to generate so much ire? For starters, they often come as a surprise. That's the reason that this month's "Gotcha Room" explains how easy it is to incur an overdraft fee. Click here to watch the video.

Here's the crux of the problem: Many people believe that if they ask an ATM for more money than they have in their account, the ATM will simply say "no." Not True! One upon a time, ATMs were good at rejection.  Today, they'll say "yes" to nearly anyone. 

Just about anyone with a checking account in any national bank is automatically enrolled in something called "courtesy overdraft protection." The "courtesy," it turns out, is that the banks will allow withdrawals that exceed balances and then tack on a hefty fee of about $35.

NOT JUST ONE OVERDRAFT FEE
And as Rachel Poor found out, often there are multiple charges. After an account "goes negative," every account withdrawal --  by ATM, by debit card purchase, by online bill payment – incurs another fee.  It's easy to wrack up four or five of those in a weekend, or 22 in Rachel's case.

Debit card purchases add to the confusion because banks allow debit card purchases even when accounts don't have enough money to cover the transaction. That profitable permissiveness can easily turn a $3 hamburger into a $38 hamburger.

No one knows exactly how much money banks are making this way, but there are some good guesses. Fees make up about one-third of bank revenue at this point, and overdraft fees make up a large chunk of that. The Center for Responsible Lending estimates that banks collected $10 billion in overdraft fees during 2005.

Judging from the number of people who wrote in after Rachel Poor's story, that estimate might be low.

Consumer advocates object to the fees on many levels. Chief among them -- using a debit card was supposed to be the healthy alternative to credit cards, which were designed to encourage people to spend money they don't have. Debit cards were supposed to prevent that bad buying habit, as purchases are withdrawn directly from checking accounts. At one point, it was impossible to spend more than you had with a debit card. But with "courtesy overdrafts," debit cards become a lot more like credit cards -- only worse. Not only can you overspend, but the loan you are given as a result is just about the most expensive loan out there. The effective annual percentage rate on debit card overdraft fees can be 1,000 percent. In most cases, consumers hovering near a zero balance and buying that $3 hamburger would be far better off taking out their credit cards, even if they are revolving users who pay interest immediately on the purchase.

SURPRISE! A $38 HAMBURGER
Making matters worse: Consumers rarely know when they are about to buy a $38 hamburger. It's nearly always a surprise when the monthly billing statement comes. 

It doesn't have to be that way.  A simple warning would be nice, something like the "foreign ATM $2 fee" warning we are all so familiar with. Something like this:

ATM: "I'll let you take out that $20 you don't really have, but it will cost you an extra $35. Are you sure you want to do that?"
You (turning to friend): Uh, Bill, can you spot me $20?

Implementing such a warning screen is one of the main provisions in Maloney's bill. Of course, banks aren't interested in adding the warning. Nessa Feddis, spokeswoman for the American Bankers Association, said it's not technically possible. There are always outstanding checks or pending electronic transactions (such as scheduled Internet bill payments) which make real-time balance checks impractical, she said.

"There will always be the possibility of approving a transaction when there aren't sufficient funds," she said. "It's consumers who are in the best position to know exactly what their balance is."

Feddis also said consumers appreciate the convenience of overdraft protection, as they don't face the hassle of rejected purchases at checkout counters. And in the case of bounced checks, the fees can actually save consumers money. In the past, a bounced check would incur two fees -- one from the bank and one from the merchant. Now the bank covers the check and charges only one overdraft fee, she said. 

But that benefit of overdraft protection only applies in the case of bounced checks.  Covering consumers' debit purchases and then charging a $35 fee doesn't save the consumer money compared to the days when the transaction would simply be declined.

Given the decline in popularity of checks, the majority of overdraft fees are now generated through debit transactions and other electronic transactions, the Center for Responsible Lending found in a recent study.

FED RULING BACKED BANKS
That's one reason banks fought -- and won -- in the last round of Washington D.C.-hand-wringing on the subject. Two years ago, the Federal Reserve issued new rules governing overdraft protection, but the rules have done little to help consumers. In fact, they may have made things worse. The Fed declared that overdraft fees were not a loan and thus not subject to Truth in Lending disclosure practices, which would include clear publication of those obscene annual percentage rates. Now, only banks that market courtesy overdraft protection service must explain the cost of the money. Banks that keep the service and the fees quiet only have to include small-print notices when you open your account.

Maloney's bill would change that, too, as it would redefine overdraft fees as loans.

Feddis argues that publishing those rates would only confuse consumers.

"People understand dollars. ...The rate would be misleading to consumers," she said. "It's not a loan, it's a service fee."

Whatever they are, clearly many consumers hate them. More important, many consumers are surprised by them, and that should never happen.  ATMs should warn consumers before they overdraw their accounts -- something that is just as feasible as account balance checks, despite what banks say. And if warnings aren't given, hamburger purchases should simply be declined when balances are below zero unless consumers actively ask for the protection. 

RED TAPE WRESTLING STRATEGIES
Tell your bank you want to opt out of courtesy overdraft protection. While you're at it, link your credit card or savings account to your checking account, which will provide you true overdraft protection for pennies on the dollar.

If your balance is low and you are using a debit card, tell the clerk you want to sign the receipt and not enter a PIN, says Gartner payment expert Avivah Litan. Signature-based debit transactions are processed a little bit more slowly than PIN transactions, so you'll buy yourself a little time to deposit money and cover the withdrawal, she says.

Consumers who think the current system is unfair should write to the Federal Reserve and complain, and write to their congressional representatives asking them to support the "Consumer Overdraft Protection Fair Practices Act" introduced by Maloney.