ChoicePoint Inc., a commercial data broker, has agreed to pay $15 million to settle charges of violating consumer privacy rights. $10 million will be paid as a penalty to the government, with $5 million going to 800 individuals who had their identities stolen as a result of ChoicePoint’s actions.

In addition, ChoicePoint must change it customer screening procedures, implement new information handling procedures, and have independent security audits every other year for the next 20 years.

The situation began when the company did not verify the identity of a client, who pulled credit histories on 163,000 people. The client turned out to be a Nigerian national who was involved in a fraud ring, and who provided fake company names, phone numbers, and addresses to ChoicePoint when applying for an account.

Press release from the FTC