Washington, DC – U.S. Senator Dianne Feinstein (D-Calif.) today introduced three bills to tackle the growing problem of identity theft.

“Nearly ten million Americans become victims of identity theft each year,” Senator Feinstein said. “That’s ten million people whose good names and financial records are damaged for years afterward. These victims rack up debt, experience credit problems and, in some cases, even face criminal charges due to the actions of identity thieves. We’ve toughened penalties on perpetrators of identity theft, now we need to make it harder for these invasive crimes to occur in the first place.”

A September 2003 report released by the Federal Trade Commission (FTC) found that almost ten million people had been victimized by identity theft in the preceding year, resulting in losses of over $47 billion. Another FTC report found California to have the third-highest rate of identity theft per capita in 2003.

Senator Feinstein’s package of bills includes:

• The Privacy Act – A comprehensive bill that would set a national standard for protecting personal information such as Social Security numbers, driver’s licenses, and medical and financial data, including information collected both online and offline. Modeled on California ’s financial privacy law, it requires companies to let consumers “opt in” before their most sensitive information is shared.

• The Social Security Number Misuse Prevention Act – This bill would regulate the use of Social Security numbers by government agencies and private companies by prohibiting the sale or display of Social Security numbers to the general public, and by requiring Social Security numbers to be taken off of public records published on the Internet.  

• The Notification of Risk to Personal Data Act – Modeled on California’s database security law, this bill would define as personal data an individual’s Social Security number, driver’s license number, state identification number, bank account number or credit card number; require a business or government entity to notify an individual when it appears that a hacker has obtained unencrypted personal data; levy fines by the FTC of $5,000 per violation or up to $25,000 per day while the violation persists; and allow California’s privacy law to remain in effect, but preempt conflicting state laws.

“I strongly believe individuals have a right to be notified when their most sensitive information is compromised – because it is truly their information,” Senator Feinstein said about her database security bill. “This is both a matter of principle and a practical measure to curb identity theft.”

Senator Feinstein is a longtime advocate for policies that protect the personal data of consumers. Last year, the Identity Theft Penalty Enhancement Act, which Senator Feinstein sponsored in the Senate, became law. The Act imposes tough penalties on identity thieves and makes it easier for prosecutors to target those identity thieves who steal for the purpose of committing the most serious crimes, including terrorism.