Electronics & Computers Deals here!
April 23, 2007 12:56 PM PDT
White House panel pushes new identity fraud laws
Last modified: April 23, 2007 1:57 PM PDT
- Related Stories
-
Study: Identity theft keeps climbing
March 6, 2007 -
Identity theft risk greatest in major cities
February 13, 2007 -
ID theft remains top concern for consumers
February 7, 2007 -
Uncle Sam's coming crackdown on ID theft
September 27, 2006 -
Bill puts cops first in data leak notification
May 11, 2006 -
Identity crisis: Myth vs. reality in ID theft
October 24, 2005 -
FAQ: Identity fraud uncovered
October 24, 2005 -
Mitigating identity theft
April 14, 2005
The new national strategy, which spans two volumes and 190 pages, calls for rewriting existing criminal laws to penalize use of malicious spyware and keyloggers, to expand mandatory minimum prison sentences for certain levels of electronic data theft, and to allow identity theft victims to receive monetary compensation not only for their direct financial losses, but also for the time they spent piecing their lives back together.
Scores of state and federal laws, such as one President Bush signed in July 2004 and another that President Clinton signed in October 1998, already outlaw identity fraud, and federal prosecutors have successfully used them to secure convictions against phishers, miscreants who typically use fraudulent Web pages and spam to trick people into giving up personal data. The National Conference of State Legislatures has compiled an exhaustive list of state statutes that also have resulted in felony convictions. In addition, fraud itself has been unlawful for hundreds of years.
Nevertheless, the task force members called for still more laws. "Much has been accomplished, and there are more protections in place now than ever before," Gonzales said at a press conference here during an FTC workshop about identification and authentication tactics. "But the president and the task force recognize we need to do more."
Bush created the task force within the White House last May, just before the U.S. Department of Veterans Affairs revealed that devices housing personal data on more than 26 million veterans had been stolen. The task force consists of cabinet-level and high-ranking officials from a total of 17 federal agencies and departments.
The final report repeats many suggestions contained in an interim document released last September.
Many of the recommendations differ little from policies that Congress has already been exploring. The plan, for example, calls for limiting the reliance on Social Security numbers by federal agencies and for establishing a nationwide standard dictating how private companies should safeguard the personal data they hold and when they must notify the public about security breaches.
The group also suggests setting up a so-called National Identity Theft Law Enforcement Center, which would allow law enforcement, regulatory agencies and the private sector to consolidate and share such information around the clock.
"One thing is clear," Majoras said, "Only a coordinated approach will have the reach and impact necessary to effectively attack this crime."
The Business Software Alliance, whose members include Apple, Microsoft and Cisco Systems, applauded the task force findings, particularly the provisions aimed at closing perceived gaps in criminal computer crime laws.
The task force had called for changes to current computer-related identity theft laws because it said they aren't broad enough to allow for prosecution of all wrongdoers. One provision, for instance, requires that the data in question be stolen through "interstate communications" before a prosecution can occur, and another provision stipulates that the damage caused by cybercrooks to a person's computer must exceed $5,000 in most cases--a condition the task force says is often difficult or even impossible to prove.
Some privacy advocates said they believe the report fell far short of assuaging concerns about safeguarding personal data.
"We don't think the final strategic plan does enough to address the root causes of the identity theft problem," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. EPIC had filed comments urging the government to focus on getting government agencies and private companies to employ better privacy and security practices, not just on expanding law enforcement powers.
Ari Schwartz, deputy director of the Center for Democracy and Technology, said the report made some important suggestions, but his organization was disappointed that it "only addresses the symptoms of an ailing national privacy framework that is badly in need of an overhaul."
CNET News.com's Declan McCullagh contributed to this report.
See more CNET content tagged:
identity fraud,
identity theft,
Alberto Gonzales,
provision,
law
Why? Two reasons.
First, that would impact one of the key Bush sources of power: business.
Second, the Bush administration is also pushing to make what they call "voter fraud" a priority on a broad front and this is one more way they can push it. Voter fraud is where you steal an election by preventing poor people and people of color from voting by making it too difficult or not even counting their votes. Twice. But that's not the way the Bush administration defines it. They want to make the barriers to voting higher and threatening people with more laws - even in the disguise of preventing identity theft - is just another raid in this campaign.
If anyone else was pushing it, I might not be so suspicious. But Gonzales has shown himself incapable of acting for the people.
Bush is so stupid he thinks that making laws without enforcement is effective.
What WILL solve these problems is for all children and adults to be TOLD that it is wrong to steal someone else's identity from birth, and to make it so that they do not have to.
Does anyone think that maybe the ones who are stealing identities are the ones who we are persecuting in the United States? The 'sex offenders', pedosexuals, etc.?
I would really like a law that says when you steal someone's identity you are automatically sentenced to life in prison. That would keep people from wanting to take the chance of doing it, because it wouldn't be worth it! Not infringing on anyone's rights either by making this law, coming from a libertarian.
Report the phishing e-mail to the original spoof address, then send it to the A-P-E address.