Bill takes aim at identity theft

Federal agencies would be required to notify citizens of unauthorized access to their computerized personal data under a bill introduced yesterday by Sen. Dianne Feinstein (D-Calif.).

The bill, which Feinstein called a 'practical measure to curb identity theft,' is modeled on a California state law that goes into effect July 1. Unlike the California law, S 1350 would apply to federal agencies, state governments and businesses engaged in interstate commerce.

According to a draft, the bill defines personal information as a person's full name or first initial and last name, together with that person's Social Security number, driver's license number, state identification number, or bank or credit card account number. Owners or controllers of databases with such information would have to notify individuals 'as expediently as possible and without unreasonable delay' following discovery of a breach.

Notification could be in writing or by e-mail or, if that were too expensive or impractical, by conspicuously publicizing the persons' names on a Web site or through media.

The bill does not apply to encrypted data. Unlike the California law, it exempts agencies and companies that already have reasonable notification policies in their security programs. Notification also could be delayed if a law enforcement agency determined it would interfere with an investigation.

The Federal Trade Commission would enforce the provisions in Feinstein's bill. State attorneys general could file suits under its provisions, and fines might range from $5,000 per violation up to $25,000 per day. The bill would allow the California law to remain in effect but would pre-empt other, conflicting state laws.

The Feinstein bill has been referred to the Senate Judiciary Committee.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected