WASHINGTON,
D.C.—The House Financial Services Committee voted today to repeal
strict state notification and credit freeze laws that have helped to
protect consumers from identity theft and financial fraud. These laws
provide essential protections that allow consumers to prevent identity
thieves from opening credit accounts in their names and require
companies to inform consumers when their personal data —such as their
Social Security and credit card numbers — have become compromised.
“It
is ironic that after a year in which over 55 million Americans’
identities were put at risk through preventable data breaches, the
House Financial Services Committee would repeal state laws that have
protected consumers from identity theft,” said Susanna Montezemolo,
policy analyst with Consumers Union, nonprofit publisher of Consumer
Reports magazine.
Montezemolo
added, “This bill is like buying a fire detector after your house has
burned down—it is too little, too late. We shouldn’t have to wait until
an identity thief has already bought a Lexus in your name in order to
have the right protect yourself. ”
Ed
Mierzwinski, Consumer Program Director for the Texas Public Interest
Research Group, said: “Today, the Financial Services Committee voted
for the worst data security bill ever. Rather than voting to protect
consumers, the Committee made things worse. All consumers should have
the right to sleep at night without worrying about identity theft –
this bill takes us in the exact wrong direction.”
There
are nearly 10 million identity theft victims each year, according the
Federal Trade Commission, or an estimated 19 identity theft victims a
minute. The crime has cost businesses, financial institutions and
consumers billions of dollars in recent years.
The
Federal Trade Commission recently negotiated the largest civil penalty
ever -- $10 million -- for data broker ChoicePoint’s admission that it
sold 163,000 personal financial records to identity thieves. Consumers
and the media only learned of the ChoicePoint incident after
Californians were notified, based on that state’s strict notification
requirements.
Since
then, consumers have come to expect that when their personal data is at
risk, they will be notified. Eleven states have stricter notification
standards than the federal bill, including Texas. Eight states have
freeze laws stronger than those in the bill: California, Colorado,
Connecticut, Louisiana, Maine, Nevada, New Jersey, and North Carolina.
All of these laws would be eliminated under the measure.
Mierzwinski
said, “This is just the first step in the legislative process, and
other committees have jurisdiction over this issue. Ideally, this bill
will not become law and states will continue to innovate in the area of
identity theft and privacy protections.”
