Leahy/Spector Intro ID Theft Act

October 24 , 2007 in Industry News

Washington, D.C.

Senators Patrick Leahy, of Vermont, and Spector have introduced the Identity Theft Enforcement and Restitution Act of 2007, which proposes adding several provisions to the Personal Data Privacy and Security Act (S. 495) that was passed in the SJudiciary Committee last May.

The new provisions would:

Expand the definition of cybercrime to include threatening to obtain or release information from a protected computer.
Give victims of identity theft the right to seek restitution for the time and money spent attempting to restore their credit.

Extend the jurisdiction of existing federal computer fraud statutes to include small businesses and corporations.

Delete the requirement that information must have been stolen from another state or country so that prosecutions can occur when the victim and the thief are located in the same state.

Make it a felony to use spyware or keyloggers that damage 10 or more computers.

Abolish the minimum requirement that $5,000 worth of loss must be experienced by the victim. Currently, this bill classifies incidents resulting in less than $5,000 worth of loss as misdemeanors.

The Personal Data Privacy and Security Act (S. 495), which is the original bill Senators Leahy and Spector seek to amend, focused on disclosure responsibilities of organizations that suffer a data breach or loss jeopardizing sensitive information.

The Senators quote a Justice Department statistic that puts the number of identity theft victims at 8.4 million in 2006.

The new bill has now been referred to the Senate Judiciary Committee.