July 14, 2005

Commerce Committee Leadership Joins in Support of Smith Legislation

Washington, DC – Today, Senator Gordon Smith led a bipartisan coalition of Senate Commerce Committee leaders to introduce comprehensive legislation that protects consumers from identity theft. The bill sets national standards for notifying consumers of data breaches, requires businesses to improve their safeguards for sensitive consumer information, gives consumers the right to freeze their credit reports to thwart identity theft, and limits the solicitation of Social Security numbers.

Smith’s bill is co-sponsored by Commerce Committee Chairman Ted Stevens (R-Alaska), Co-Chairman Daniel Inouye (D-Hawaii), Sen. Bill Nelson (D-FL), Sen. John McCain (R-Ariz.), and Sen. Mark Pryor (D-Ark.). The Commerce Committee has primary jurisdiction over the Federal Trade Commission, which enforces identity theft and fraud laws.

“The Internet and new business technologies have added a lot to daily life, but they’ve also made us more vulnerable,” Sen. Smith said. “We need this bill because having the world at your fingertips shouldn’t get you into a financial world of hurt.”

The bill addresses recent personal data breaches and provides tools for consumers to protect themselves from identity theft. Included below are some of the key aspects of the legislation:

INFORMATION COLLECTORS: The bill covers entities that collect sensitive personal information, including Social Security numbers, financial account information, driver’s license information, and other information that the Federal Trade Commission determines can be used for identity theft. The bill also covers any third party that purchases or otherwise acquires this information.

SAFEGUARDS: Businesses, schools and other organizations that hold sensitive personal information will be required to secure it with physical and technological safeguards that will be specified by the Federal Trade Commission.

CONSUMER NOTICE: Consumers must be notified if any sensitive personal identification is lost or otherwise breached, and there is a reasonable risk that the information could be used for identity theft. The information holder also must report data breaches affecting more than 1,000 individuals to the Federal Trade Commission or the holder’s primary regulator. Those failing to notify may be fined up to $11 million.

CREDIT FREEZE: The bill allows consumers to voluntarily “freeze” their credit reports, preventing unauthorized access to them. Consumers would lift the freeze to apply for new credit.

SOCIAL SECURITY NUMBERS: Businesses, schools and other information holders would be prohibited from requesting a person’s social security number unless no other type of identifier can be used in its place. Those holding sensitive personal information also would be prohibited from using social security numbers on identification cards and other forms of identification.

STATE PRE-EMPTION. The bill would pre-empt state law on all these issues to create more uniform and efficient compliance by businesses, schools, and information holders.

###