The
listing of laws on this page may not be complete.
Thomas Legislative Information on the Internet
http://thomas.loc.gov/
Identity Theft and
Assumption Deterrence Act
In October 1998, Congress passed the Identity Theft and Assumption Deterrence
Act of 1998 (Identity Theft Act) to address the problem of identity theft.
Specifically, the Act amended 18 U.S.C. § 1028 to make it a federal crime when
anyone:
knowingly transfers or uses, without lawful authority, a means of identification
of another person with the intent to commit, or to aid or abet, any unlawful
activity that constitutes a violation of Federal law, or that constitutes a
felony under any applicable State or local law.
Violations of the Act are investigated by federal investigative agencies such as
the U.S. Secret Service, the FBI, and the U.S. Postal Inspection Service and
prosecuted by the Department of Justice.
Section 5 of this Act, Pub. L. No. 105-318, 112 Stat. 3007, makes the FTC a
central clearinghouse for identity theft complaints. The Act requires the FTC to
log and acknowledge such complaints, provide victims with relevant information,
and refer their complaints to appropriate entities (e.g., the major national
consumer reporting agencies and other law enforcement agencies).
Fair Credit Reporting Act
http://www.ftc.gov/os/statutes/031224fcra.pdf
The Fair Credit Reporting Act establishes procedures for correcting mistakes on
your credit record and requires that your record only be provided for legitimate
business needs.
Fair Credit Billing Act
http://www4.law.cornell.edu/uscode/15/ch41schIpD.html
The Fair Credit Billing Act establishes procedures for resolving billing errors
on your credit card accounts. It also limits a consumer's liability for
fraudulent credit card charges.
Fair Debt Collection Practices Act
http://www4.law.cornell.edu/uscode/15/1692.html
The Fair Debt Collection Practices Act prohibits debt collectors from using
unfair or deceptive practices to collect overdue bills that your creditor has
forwarded for collection.
Electronic Fund Transfer Act
http://www4.law.cornell.edu/uscode/15/1693.html
The Electronic Fund Transfer Act provides consumer protection for all
transactions using a debit card or electronic means to debit or credit an
account. It also limits a consumer's liability for unauthorized electronic fund
transfers.
Privacy and Information Security |
Driver’s Privacy Protection Act of 1994
http://www4.law.cornell.edu/uscode/18/2721.html
This law puts limits on disclosures of personal information in records
maintained by departments of motor vehicles.
Family Educational Rights and Privacy Act of 1974
http://www4.law.cornell.edu/uscode/20/1232g.html
This law puts limits on disclosure of educational records maintained by agencies
and institutions that receive federal funding.
Gramm-Leach-Bliley Act (to be codified in relevant part at 15 U.S.C. §§
6801-6809)
Title V, subtitle A, of this Act, Pub. L. No. 106-102,
http://frwebgate.access.gpo.gov/
§§ 501-510, 113 Stat. 1338, 1436-45 (Nov. 12, 1999) requires the FTC, along with
the Federal banking agencies, the National Credit Union Administration, the
Treasury Department, and the Securities and Exchange Commission, to issue
regulations
(to be codified at 16 CFR Part 313) ensuring that financial institutions protect
the privacy of consumers' personal financial information. Such institutions must
develop and give notice of their privacy policies to their own customers at
least annually, and before disclosing any consumer's personal financial
information to a nonaffiliated third party, must give notice and an opportunity
for that consumer to "opt out" from such disclosure.
Health Information Portability and Accountability Act of 1996, Standards for
Privacy of Individually Identifiable Health Information, Final Rule - 45 CFR
parts 160 and 164
http://aspe.hhs.gov/admnsimp/bannerps.htm#privacy
The privacy rule regulates the security and confidentiality of patient
information. It took effect on April 14, 2001, with most covered entities
(health plans, health care clearinghouse and health care providers who conduct
certain financial and administrative transactions electronically) having until
April 2003 to comply.
California Office of Privacy Protection – See for a variety of laws for
businesses and consumers including requirements for law enforcement to take
police reports and requirements for credit reporting agencies to place security
alerts and freezes, and to block inaccurate information resulting from an
identity theft upon receipt of a police report.
http://www.privacyprotection.ca.gov/
National Conference of State Legislatures
http://www.ncsl.org/programs/lis/privacy/idt-01legis.htm
California
See California Office of Privacy Protection
http://www.privacyprotection.ca.gov/
Credit Information Blocking |
Alabama
Alabama Code Sect. 13A-8-190 through 201
13A-8-190
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-190.htm
13A-8-191
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-191.htm
13A-8-192
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-192.htm
13A-8-193
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-193.htm
13A-8-194
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-194.htm
13A-8-195
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-195.htm
13A-8-196
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-196.htm
13A-8-197
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-197.htm
13A-8-198
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-198.htm
13A-8-199
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-199.htm
13A-8-200
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-200.htm
13A-8-201
http://alisdb.legislature.state.al.us/acas/CodeOfAlabama/1975/13A-8-201.htm
Section 11 requires the credit reporting agencies (CRAs) to block false
information from consumer victims' credit reports within 30 days of a consumer
submitting a court order for the identity thief’s conviction to the CRA.
California
See California Office of Privacy Protection
http://www.privacyprotection.ca.gov/
Colorado
Colorado Revised Statutes
12-14.3-106.5 through 108 and CRS 16-18.5-103
12-14.3-106.5
http://198.187.128.12/colorado/lpext.dll/Infobase/16179/161db/17481/1752a?fn=document-
12-14.3-107
http://198.187.128.12/colorado/lpext.dll/Infobase/16179/161db/17481/1753e?fn=document-
12-14.3-108
http://198.187.128.12/colorado/lpext.dll/Infobase/16179/161db/17481/17545?fn=document-
16-18.5-103
http://198.187.128.12/colorado/lpext.dll/Infobase/22ff2/25010/2504c/25068?fn=document
Requires credit reporting agencies to block inaccurate information resulting
from an identity theft upon receipt of a police report.
Idaho
Idaho Code Section 28-51-102
http://www3.state.id.us/cgi-bin/newidst?sctid=280510102.K
Requires credit reporting agencies to block inaccurate information resulting
from an identity theft upon receipt of a police report.
Washington
Rev. Code Wash. Section 19.182.160
http://www.leg.wa.gov/RCW/index.cfm?fuseaction=section§ion=19.182.160
Requires credit reporting agencies to block inaccurate information resulting
from an identity theft upon receipt of a police report.
Rhode Island
R.I. Gen. Laws Section 6-13-17
http://www.rilin.state.ri.us/Statutes/TITLE6/6-13/6-13-17.HTM
This law states that unless required by federal law, no person shall require
that a consumer of goods or services disclose a social security number incident
to the sale of consumer goods or services; provided, however that: insurance
companies, health care, or pharmaceutical companies may require the consumer to
furnish a social security number. Also, a consumer may be required to furnish
his or her SSN when applying for a credit card.
|