 |
Home | Contact Us | Press Room | Site Overview | Help | Login | Register |
 |
 |
| About NCSL | State & Federal Issues | Legislatures | Legislative Staff | Meetings | Bookstore | Legislators & Staff Only |
| NCSL Home > Bookstore > | Add to MyNCSL |
State LegislaturesMagazine: March 1999Editor's Note: These articles appeared in the March 1999 issue of NCSL's magazine, State Legislatures. To order copies or to subscribe, contact the marketing department at (303) 364-7700. Identity Crisis in the Information Age$50,000 in DebtOnly a Scrap of Information Information Run Amok Legislators Up to Challenge Federal Help a Hindrance More Help for Victims States Rule on Identity FraudProtect YourselfIdentity Crisis in the Information AgeCyberspace has made it too easy for thieves to steal and abuse people’s identity. Legislators are trying to stay ahead of the growing crime. By Garry Boulard William E. Porter knew there was something wrong when he received an invoice from the local newspaper in Las Cruces, N.M., billing him for a recent ad he ran for apples from his orchard. "It didn’t make sense," says Porter, who just retired after serving eight years in the state’s House of Representatives. "I knew my wife had already sent the paper a check, so I couldn’t figure it out." Things were made even more mysterious when the Porters received a notice from their local bank telling them that a check they had written for $700 was an overdraft. The check bore the same identifying numbers as the one for $69 that Mrs. Porter had sent to the paper. "Then we put things together and soon found out we were the victims of what people now call ‘identity fraud,’" says Porter. "Someone had stolen the check out of our front yard mailbox, washed the figures to change them from $69 to $700, and then cashed it." But even worse, someone had to take on the name of Mrs. Porter to get the check cashed. That thought chilled Representative Porter and his wife. $50,000 IN DEBT From there begins an unbelievable nightmare of obliterated credit ratings, bounced checks and lost homes. Some victims end up with criminal records because the thief has committed other crimes while using their names and identities. It’s a theft like no other—someone out there steals your name, your identity and does bad things to you as you. An unwilling expert is Jessica Grant of Sun Prairie, Wis., whose plight inspired lawmakers to craft one of the nation’s toughest identity theft laws. It includes felony sentences of up to two years and fines of up to $5,000 or both. Grant and her husband didn’t know they were victims until they applied to refinance their mortgage. The bank turned them down based on a credit report that showed Jessica Grant had a debt trail of more than $60,000, which included massive credit card expenditures, two car loans and even a $25,000 loan on a mobile home. Grant had spent none of the $60,000. A woman in Texas had somehow gotten both her name and Social Security number and simply used them to apply for credit and amass the $60,000 damage. IT TAKES ONLY A SCRAP OF INFORMATION Victims can go months and even years before knowing they’ve been hit because the perpetrator usually has the bills sent to a separate address. The con spends, the bills stack up, and the victim’s credit record starts to resemble a minefield that may take years to clear up. This isn’t a new crime, it’s been happening for years, but the Internet made the problem worse. Because millions of people every day put their credit card numbers and other personal information into the ‘Net, primarily for purchases, such data are, in effect, floating out there in cyberspace just waiting for a clever criminal to come along and make quick use of them. "Can you think of anything worse?" asks Georgia Senator Ed Harbison, who sponsored a successful bill last year calling for up to 10 years imprisonment for anyone convicted of stealing another person’s identity. "Your name is your most prized possession. Imagine how you’d feel if someone else had it and all kinds of other personal information about you and was doing illegal things. You’d be outraged." In New Mexico, Porter began to wonder, "If it could happen to me, how many other people have been hit this way?" He soon found out: Thousands of citizens, both in his native state of New Mexico and across the country are victims. According to TransUnion, one of the three major credit bureaus, 1997 saw nearly 523,000 inquiries related to identity theft, up from just 35,000 in 1992. Losses to both victims and institutions are up to more than $745 million, more than triple the figure from 1992. Porter even heard from a fellow lawmaker whose parents lost a lot of money when a thief somehow obtained their Social Security numbers, tapped into their private bank account and left with more than $60,000 of their hard-earned assets. INFORMATION RUN AMOK "The question for all of us is how much of this stuff can be controlled, and what can we do to punish those who would misuse such information for illegal gain?" asks Tennessee Senator Randy McNally. "This is obviously an entirely new sort of criminal enterprise that we are running into today, nothing we have ever seen before. And I think it is going to be left to the states to do something about it." Ten states are doing something already—Arizona, California, Georgia, Kansas, Mississippi, Missouri, Montana, New Jersey, West Virginia and Wisconsin. Most of them make identity theft a criminal offense with requisite jail time and fines. In New Mexico, Porter sponsored a bill that, first of all, acknowledged there is a new type of crime called "theft of identity" and called for a punishment that could be composed of both jail time and fines. But the bill never made it out of the House Committee on the Judiciary after lawmakers agreed it needed more teeth. "It will be reintroduced this spring," says Porter, "and from what I hear it will pass and be a much stronger measure this time around." In Tennessee, a bill Senator McNally sponsored ran into trouble because there was not enough money to fund the prison time and court expenses that felony convictions require. "We really wanted to bring this kind of crime up to a felony status," he says, "but we didn’t have the money for it. So now it reads as a Class A misdemeanor, which would still allow for prison sentences." If money can be found this spring, Senator McNally says his bill will become law. "I don’t know anyone who is opposed to it." There may be one addition, however. Representative Jim Boyer plans to offer an amendment to McNally’s measure. "I would really like to write in a forfeiture of any gain that the criminal realizes from something like this," Boyer says. "The money should be returned to the person it was taken from, or if that is impossible, used to help fund the law." LEGISLATORS ARE UP TO THE CHALLENGE The lawmakers are not alone. The National Association of Insurance Commissioners last fall proposed new standards that would restrict insurance companies from disclosing personal medical information without the individual’s permission. Banking regulators working with the Federal Bureau of Investigation recently announced a plan for the nation’s banks that would prohibit dissemination of confidential customer information, particularly in the wave of giant mergers such as Citicorp and Travellers Group Inc. Such mergers, it is thought, make it more likely for banks, insurance companies and brokerage firms to trade sensitive information about their customers. Meanwhile, the Online Privacy Alliance, which counts Microsoft and Yahoo among its clients, has announced its backing of an independent system of checks and balances that would award a seal of approval to any Web site that adheres to privacy standards. The alliance action, which was an- nounced last summer, came in response to a survey by the Federal Trade Commission of some 1,400 individual Web sites. The survey results, according to the FTC, were troubling. Some 92 percent of the Web sites collect personal data such as names, Social Security numbers and credit card numbers. At the same time, only 14 percent of those same sites disclose to their customers the type of information they collect from them and what they do with it. For FTC Chairman Robert Pitofsky, the lack of privacy protection on the Internet may mean one thing: Government, long reluctant to get involved in cyberspace regulation, may soon have to regulate it. "Unless industry can demonstrate that it has developed and implemented broad-based and effective self-regulatory programs," Pitofsky said in testimony before Congress last summer, "additional government authority will be appropriate and necessary." "This is really a huge issue that we get dozens of calls on," says Howard Shapiro in the FTC’s public relations office in Washington, D.C. "At the root of the issue is theft—and theft of the worst kind—of your own identity. When you have lost your identity to someone else, it automatically means that everything about your life is going to be turned upside down. Your credit records could be completely screwed up. And that, in turn, is directly covered by the Fair Credit Reporting Act, which we enforce. So this is an issue right now that the FTC is very involved in." FEDERAL HELP A HINDERANCE? Mierswinsky notices similar problems with a current U.S. Department of Transportation proposal that would require putting Social Security numbers on driver’s licenses. "Talk about going backward," he exclaims. Although Mierswinsky lauds both the cable records law and the fair credit reporting act as important steps for protecting privacy, Mierswinsky remains convinced that Washington, D.C., is not the place to best deal with issues of identity fraud. "Congress has been under intense pressure on these issues from people like direct marketers and those in the banking and financial industries." The result? "They have yet to develop an adequate, across the board records privacy law," Mierswinsky says. "The states will be where most of the new action takes place. They have more flexibility and are less beholden to the interests." In the states that have so far tackled identity fraud, the emphasis has been on punishment, with legislators willing to vote for felony sentences for anyone convicted of stealing another person’s identity. Some of the states that have decided to make the offense a misdemeanor, however, such as Mississippi, have made the misdemeanor carry jail time of up to one year or a fine of up to $5,000. California’s SB 1374, passed by the Legislature and signed by former Governor Pete Wilson last year, leaves it up to local district attorneys to pursue such offenses as either felonies or misdemeanors. The emphasis on punishment is for a good reason. "Maybe if you scare a few people with some stiff sentences, you can show the world that we are serious about this kind of crime," says Missouri Representative Jim Seigfreid, who plans to introduce a bill this session. His measure calls for making identity theft a class D felony with five years in prison and a possible fine of $5,000. "I know this is steep," he says, "but I want it to be." MORE HELP FOR VICTIMS Mierswinsky with the Public Interest Research Group thinks citizens need free access to credit reports, a right they have in only six states. "People need to know what is being said about them," he says. "They need actual input on the data that is out there being compiled about them. Everyone should have the right to a free credit report upon request." In addition, Wisconsin’s Schneider would like to require all businesses to destroy documents containing any personal information about their customers. "We had a big scandal here where banks in both Milwaukee and Madison were throwing sensitive documents into the dumpsters behind their businesses and the papers weren’t shredded." Those documents, as later revealed by local press reports, included the Social Security, worker identification and bank account numbers of thousands of bank customers, all waiting to be used by a skilled criminal. "Businesses just don’t get it," Schneider continues. "If the customers get the shaft, in the end they will too. But so far they have been unresponsive." Such suggestions underline the wilderness many lawmakers find themselves in as they address an issue of truly cyberspace proportion. "Let’s face it. These are uncharted waters for most of us," says Harbison of Georgia. "In many cases we are trying to invent the law to fit a crime that is not only new, but changing as we go along." For that reason, believes Representative Seigfreid of Missouri, lawmakers should "just get in there and do the right thing. We have before us a problem that is only going to get bigger unless we do something to stop it now. In many ways, we are going to be ahead of our constituents on this one because many of them do not yet realize the true potential for trouble with this kind of crime. "This is the essence of what we are all about, seeing a problem before most of the general public does, and putting in place laws to protect that public before the problem gets any worse," he says. "Anything we do in that direction will be the right thing." Garry Boulard, a free-lance writer in New Orleans, is a frequent contributor to State Legislatures. His book, Huey Long Invades New Orleans: The Siege of a City, 1934-1936, was published by Pelican Publishing in 1998. ©1998, National Conference of State Legislatures. All rights reserved.
States Rule on Identity FraudIt’s a crime to pose as someone else for nefarious purposes in at least 10 states—Arizona (which passed the first identity theft law in 1996), California, Georgia, Kansas, Mississippi, Missouri, Montana, New Jersey, West Virginia and Wisconsin. And states have been upping the penalties. California added a felony count to its existing misdemeanor charge. And West Virginia considers it a felony. Kansas makes identity theft a misdemeanor, as does Missouri and Montana. Missouri’s law is specific to fraud on applications for certification for licensure. In a further effort to give consumers control over their credit information, Colorado, New Jersey, Georgia, Maryland, Massachusetts and Vermont passed laws giving people free access to their credit reports. Congress got in on the act with the Identity Theft Protection Act of 1998, recently signed into law by President Clinton. It makes it illegal for anyone to use another person’s identity with the intent to commit a crime that would violate federal law or constitute a felony under state or local law. It also requires payment of restitution to the victim, including attorney fees and cost of clearing the credit history, as well as the possibility of a year or more in prison. —Rita Thaemert, NCSL ©1998, National Conference of State Legislatures. All rights reserved.
Protect YourselfConstituents need to be reminded that legislation is not enough when it comes to protecting themselves from credit fraud. To safeguard their names and finances, they also need to take steps to secure their personal records:
The credit industry also can help by providing individual consumers with copies of their credit reports, strictly verifying a credit applicant’s identification and tracking more closely identity fraud cases, data and statistics. —Rita Thaemert, NCSL ©1998, National Conference of State Legislatures. All rights reserved.
|
![[NCSL logo]](/images/logosmbt.gif){kind=small}
NCSL Home Page© 2008 National Conference of State Legislatures, All Rights Reserved
Denver Office: Tel: 303-364-7700 | Fax: 303-364-7800 | 7700 East First Place | Denver, CO 80230 | Map
Washington Office: Tel: 202-624-5400 | Fax: 202-737-1069 | 444 North Capitol Street, N.W., Suite 515 | Washington, D.C. 20001
