• Mission & Governance
• Services Overview
• How to Get Involved
• Standing Committees
• NCSL Foundation

• Issue Areas: A-Z
• State-Federal Relations
• NCSL Standing Committees
• News from D.C. and the States

• About State Legislatures
• Elections, Campaigns & Redistricting
• NCSL's StateConnect Directory
• Web Sites

• Online Guide to NCSL Services
• Staff Sections and Networks
• Meetings & Professional Development
• Staff Directories

• Meetings Calendar
• Online Registration
• Meetings Home Page
• Legislative Summit

• Bookstore
• State Legislatures Magazine
• NCSL's StateConnect Directory

2008 Enacted Identity Theft Legislation

Last updated: April 7, 2008

State:	Summary of Legislation:
Idaho	S.B. 1357 Signed by governor 3/11/08, Chapter 78 Clarifies the current Misappropriation of Personal Identifying Information criminal statute. The current law prohibits an offender from obtaining or recording, without authority, another person's Social Security number or date of birth with the intent to use that information in order to obtain credit, money, goods or services in the name of the other person. However, in many instances of identity theft an offender utilizes a stolen Social Security number or date of birth and their own name or a fictitious name in obtaining credit, money, goods or services. This legislation clarifies the law and will ensure that law enforcement and prosecutors are better able to hold identity thieves accountable under these circumstances.
Oregon	H.B. 3615, Special Session Signed by governor 3/11/08, Chapter 27 Provides ballot title for S.B. 1087 that increases sentences for drug trafficking, theft against elderly and specified repeat property and identity theft crimes; requires addiction treatment for certain offenders.
	S.B. 1087, Special Session Adopted 3/4/08, Chapter 14 Increases term of imprisonment for persons convicted of specified drug and property crimes under certain circumstances. Prohibits court from imposing less than presumptive sentence for persons convicted of specified drug and property crimes under certain circumstances. Requires the Department of Corrections to provide treatment to offenders and to administer grant program to provide supplemental funding to local governments for certain purposes. Refers Act to people for their approval or rejection at next regular general election. Provides that if both Act and specified initiative petition receive majority of affirmative votes, measure receiving fewer affirmative votes is repealed.
South Carolina	S.B. 453 Signed by governor 4/2/08 Enacts the "Financial Identity Fraud and Identity Theft Protection Act", by adding chapter 20 to title 37 providing for protections in connection with consumer credit-reporting agencies and with the use and communication of a consumer's Social Security number, imposition of a security freeze on a consumer's credit report, prescription of measures for disposal of personal identifying information, procedure for resolution of disputed credit information, and civil damages, including attorney's fees and costs and injunctive relief; redesignates the family privacy protection act of chapter 2, title 30, as article 1 and adds article 3 providing for protection of personal identifying information privacy in connection with a public body and its use and communication of a resident's Social Security number, prescription for disclosure of Social Security information and identifying information by and to certain public bodies, prohibition of requiring the use of personal identifying information on a mortgage and in preparation of documents for public filing, and procedure for redacting certain personal identifying information from public records; adds §1-11-490 so as to provide for disclosure by an agency of this state of unauthorized access to or acquisition of the personal identifying information of a resident whose information the agency owns or licenses and to provide for civil damages, attorney's fees, and injunctive relief; adds §16-11-725 so as to make it unlawful to use another person's household garbage for the purpose of committing financial or identity fraud; adds §16-13-512 so as to regulate the use of a cardholder's Social Security number on a credit or debit card receipt; adds §39-1-90 so as to provide for disclosure by a person conducting business in this state of unauthorized access to or acquisition of the personal identifying information of a resident whose information the person owns or licenses and to provide for civil damages, attorney's fees, and injunctive relief; amends §16-13-510, as amended, relating to the offense of financial identity fraud, so as to add the elements of wilfulness and knowledge and to include the offense of identity fraud as the use of another's information to avoid legal consequences or to obtain employment and to further define "identifying information"; and repeals §16-13-515, relating to identity fraud.
Utah	H.B. 141 Signed by governor 3/17/08, Chapter 161 Amends provisions in the Government Records Access and Management Act to provide protected status to all information collected in relation to the Identity Theft Reporting Information System established in the Office of the Attorney General; establishes the Identity Theft Reporting Information System (IRIS) program in the Office of the Attorney General; states the purposes of the IRIS program; establishes a database to store information related to the reporting, investigation, and resolution of identity theft reports filed under the IRIS program; provides requirements for the format, contents, and administration of the IRIS database; provides that the Department of Technology Services shall maintain, administer, and make rules in relation to use of the database, with the approval of the Office of the Attorney General; provides criminal penalties for unlawful access or misuse of information in the IRIS database.
	S.B. 52 Signed by governor 3/18/08, Chapter 361 Directs the court to order restitution to the victim of an identity fraud offense or state on the record why restitution is not appropriate; and specifies that restitution related to an offense of identity fraud may include: attorney fees, lost wages, and other costs; and the victim's time involved in dealing with the offense, including administrative hearings and clearing the victim's record.
Washington	H.B. 1271 S.B. 5878 Signed by governor 3/27/08, Chapter 207 Concerns the filing of police incident reports for victims of identity theft; provides that a person who has learned or reasonably suspects that his or her financial information or means of identification has been unlawfully obtained, used by, or disclosed to another, as described in chapter 9.35 RCW, may file an incident report with a law enforcement agency.
	H.B. 1273 Signed by governor 4/1/08, Chapter 290 Declares an intent to enable financial institutions and merchants, to the extent permitted by federal law, to exchange information to prevent, detect, deter, and assist in the prosecution of financial fraud, bank robbery, money laundering, identity theft, and other financial crimes. Declares an intent to encourage the sharing of information consistent with federal law. Declares that a fraud alert network is intended to protect against or prevent actual or potential fraud and unauthorized transactions, claims, or other liability, and is intended to be exempt from the privacy disclosure requirements of the Gramm-Leach-Bliley Act of 1999. Provides that it is intended that so long as the participants comply with this act, the provisions of the Washington fair credit reporting act, chapter 19.182 RCW, do not apply to the fraud alert network. However, if it is determined that the federal fair credit reporting act applies to a fraud alert network, the Washington fair credit reporting act also applies.
	H.B. 2637 Signed by governor 3/14/08, Chapter 21 S.B. 6671 Provides when properly served with criminal process issued under this act, the recipient shall provide the applicant all records sought pursuant to the criminal process. The records shall be produced within 20 business days of receipt of the criminal process, unless the process requires earlier production. An applicant may consent to a recipient's request for additional time to comply with the criminal process. Provides when properly served with criminal process issued under this act, a recipient who seeks to quash the criminal process must seek relief from the court where the criminal process was issued, within the time originally required for production of records. The court shall hear and decide the motion no later than five court days after the motion is filed. Requires, upon written request from the applicant, or if ordered by the court, the recipient of criminal process shall verify the authenticity of records that it produces by providing an affidavit, declaration, or certification. Requires a Washington recipient, when served with process that was issued by or in another state that on its face purports to be valid criminal process to comply with that process as if that process had been issued by a Washington court.

NCSL Contact:  Heather Morton, Denver, (303) 364-7700

 Identity Theft Introduction