Lawmakers Take Up Tough ID Theft Bill

A series of high-profile security breaches has prompted lawmakers to consider requiring companies to notify consumers if their personal information has been lost, stolen or otherwise released.

“The fact of the matter is that your buying habits, your bank accounts, your Social Security number, your driver's license - all of your personal data - today is being collected, collated, distributed, bought, sold - without your knowledge or consent,” said Sen. Dianne Feinstein, D-Calif., in a statement. Feinstein modeled national legislation after California's tough ID theft notification law, the only one of its kind in the country.

The bill is a beefed-up version of legislation she introduced in the last session of Congress. The bill outlines the requirements companies must follow to notify users of a security breach, allows consumers to put a seven-year fraud alert on their credit report and spells out stiff penalties for companies that don't follow the law.

The Senate Judiciary Committee last week heard comments from the Federal Trade Commission, FBI and Secret Service, privacy advocates and executives from LexisNexis and ChoicePoint, where security breaches made headlines and angered consumer advocates.

ChoicePoint President Douglas C. Curling told the committee, “Let me again offer our sincere apology to those consumers whose information may have been accessed by the criminals who perpetrated this fraud," according to TechWeb News. His company sent out 145,000 notices last year after personal information was sold to an identity theft ring posing as a legitimate business.

At LexisNexis, identify thieves accessed Social Security numbers, driver's licenses and other records of about 32,000 consumers last month.

The problems are not confined to private companies. The Government Accountability Office has recommended that the Internal Revenue Service strengthen security over taxpayer information. “Until IRS fully implements a comprehensive agencywide information security program, its facilities and computing resources and the information that is processed, stored and transmitted on its systems will remain vulnerable,” a GAO report reads.

Sen. Patrick Leahy, D-Vt., said at the hearing, "One of the most fundamental liberties of being an American is the right to be let alone. When you invade someone's privacy or treat it glibly, you trample on that liberty. That's why we need privacy, and that's why we should vigilantly protect it."

You may like these other stories...

It's not a reality—yet—but accounting software is poised to eliminate accountants. We are at a tipping point for many similar professions: online education replacing professors, legal software replacing...
Whenever I speak to accountants about creating a cloud practice, the most common question is, “How do I charge my clients?” Ten years ago, maybe even five years ago, if I would’ve posed this question...
While reputational risk is the No. 1 nonfinancial concern among corporate directors, cybersecurity/IT risk is gaining steam. In fact, both private companies and organizations with more than $1 billion in revenue felt they...

Upcoming CPE Webinars

Jul 31
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.
Aug 20
In this session we'll review best practices for how to generate interest in your firm’s services.
Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.