Financial Privacy
Read Bart's Views on Current Issues
- Position on Iraq
- 602P Myth
- ANWR (Arctic National Wildlife Refuge)
- Financial Privacy
- Child Custody Protection Act
- Health Care
- Congressional Benefits Myth
- Federal Marriage
- Gasoline Prices
- Immigration
- Marriage Penalty
- Prescription Drugs
- Roadless Areas
- Social Security Notch Issues
- Stem Cell Research
- Veterans Benefits
Identity theft is on the rise in the country; at least 10 million Americans have been victims of identity theft. According to the Federal Trade Commission (FTC), ID theft translated into estimated losses of $48 billion for businesses and $5 billion to consumers, during a recent one-year period.
The House Energy and Commerce Committee, of which I am a member, recently reported out a bill to strengthen privacy protections for consumers and require that consumers are notified when they are at risk of identity theft. The bipartisan legislation, H.R. 4127, the Data Accountability and Trust Act, passed the committee unanimously.
The bill would place new requirements on companies that collect personal data. These "data brokers" will be required to implement effective security safeguards. If there is a reasonable risk of identity theft to the individual to whom the personal information relates, fraud or other unlawful conduct, these data brokers must notify consumers. Additionally, data brokers would be prohibited from falsely representing themselves to obtain personal data.
The DATA Act would:
- Direct the Federal Trade Commission to create rules setting rigorous national standards for data brokers to protect personal information.
- Require data brokers to have a security policy that explains the "collection, use, sale, other dissemination, and security" of the data they hold.
- Require entities to appoint and identify a person in the organization that is responsible for information security.
- Require any entity that experiences reasonable risk of identity theft to the individual to whom the personal information relates, fraud or other unlawful conduct to notify each individual in the United States whose information was acquired by an unauthorized person as a result of the breach. Conspicuous notice on the breached entity's Web site is also required. The FTC must also be notified.
- Provide for an FTC or independent audit of an information broker's security practices following a breach of security. Permit the FTC to conduct or require audits for a period of five years after the breach, or until the commission determines security practices are in compliance with the act and are adequate to prevent further breaches.
- Require data brokers to regularly monitor security systems for breaches.
- Prohibit data brokers from obtaining information on someone by impersonating that person - also known as "pretexting."
- Allow consumers annual access to records maintained on them by data brokers as well as the right to have inaccurate information corrected or labeled as disputed.
- Provide for enforcement of H.R. 4127 by both the FTC and State Attorneys General.
HR 4127 has the support of consumer protection groups and States Attorneys’ General. Unfortunately, the legislation has not come to the full House of Representatives for a vote. I will continue to push for this strong, bipartisan legislation to be enacted this year.
