Issue Statements - Priorities |
|
Protecting Your Identity
Every four seconds in America, another person falls victim to identity theft. It can happen in any number of ways: a wallet is stolen, a credit card slip is fished from the trash or a corporate, academic or government database containing personal financial information is breached.
This is happening all across the country. In 2005, 8.9 million Americans were victimized, at a $57 billion cost. The cost will keep climbing unless Congress takes swift, strong action.
That’s why we need a comprehensive approach – to give consumers more control of their personal information and to allow them to restore their good names when a theft has occurred.
In the 110th Congress, I introduced two pieces of legislation: the Notification of Risk to Personal Data Act and the Social Security Number Misuse Prevention Act.
The Notification of Risk to Personal Data Act would:
- Require a federal agency or business entity to notify an individual of a security breach involving personal data without unreasonable delay;
- Allow limited exemptions for law enforcement and national security reasons;
- Require media notice as well as individual notice;
- Notice must include description of the type of personal data breached and a toll-free number to call for more information;
- If more than 1,000 individuals must be notified, then the company or agency must coordinate with credit reporting agencies;
- Require notice to the Secret Service if records of more than 10,000 individuals are obtained or if the database breached contains more than one million entries, is owned by the federal government, or involves national security or law enforcement;
- Authorize the U.S. Attorney General and state Attorneys General to bring civil actions;
- Supersede any conflicting federal or state laws; and
- Authorize necessary appropriations.
Social Security Number Misuse Prevention Act would:
- Prohibit the sale or display of an individual’s Social Security number to the general public without the individual’s consent;
- Prohibit federal, state and local government agencies from displaying Social Security numbers on public records posted on the Internet or issued to the general public through CD-ROMs or other electronic media, or from printing them on government checks;
- Prevent the employment of inmates for tasks that would give them access to the Social Security numbers of other individuals;
- Provide some limitations on when a business can ask a customer for his or her Social Security number;
- Require a study of the current uses of Social Security numbers and the impact on privacy and data security; and
- Include both criminal and civil penalties.
As Chairman of the Senate Judiciary Subcommittee on Terrorism, Technology, and Homeland Security, I intend to examine additional options for strengthening protections against identity theft.
For more information on identity theft, visit the Federal Trade Commission’s Identity Theft site.
|
|
|
|
|