An act to protect consumers by requiring reasonable security policies and procedures to protect computerized data containing personal information, and to provide for nationwide notice in the event of a security breach.
Introduced: October 25, 2005; Last Action: June 8, 2006 (Introductory remarks on measure.)
A bill to prevent and mitigate identity theft, to ensure privacy, to provide notice of security breaches, and to enhance criminal penalties, law enforcement assistance, and other protections against security breaches, fraudulent access, and misuse of personally identifiable information.
Introduced: September 29, 2005; Last Action: November 17, 2005 (Placed on Senate Legislative Calendar under General Orders)
A bill to require agencies and persons in possession of computerized data containing sensitive personal information, to disclose security breaches where such breach poses a significant risk of identity theft.
Introduced: June 28, 2005; Last Action: October 20, 2005 (Placed on Senate Legislative Calendar under General Orders)
A bill to strengthen data protection and safeguards, require data breach notification, and further prevent identity theft.
Introduced: July 14, 2005; Last Action: December 8, 2005 (Placed on Senate Legislative Calendar under General Orders)
Sponsor: Sen. Gordon Smith (R-OR)
Cost: $1 per American in 2006
State Legislation about Identity Theft and Legislative Alerts
Security Breach Notification Legislation/Laws (2002-present)
Source: National Conference of State Legislatures
Thirty-five states have enacted legislation requiring companies and/or state agencies to disclose security breaches involving personal information. For summaries of legislation and links to the text of statutes and bills, click on the links below. http://www.ncsl.org/programs/lis/cip/priv/breach.htm
Identity Theft Legislation (2002-2006)
Source: National Conference of State Legislatures
In the 2006 legislative session, states continue to strengthen laws to protect consumers from identity theft. From increasing penalties to expanding the law enforcement role in investigating cases, states enacted several bills to help fight identity theft. States went further to assist identity theft victims after the victimization, by enacting laws that prohibit discrimination against an identity theft victim, allow expungement of the records related to the underlying theft and created Identity Theft Passport programs to help victims in clearing their name and financial records. http://www.ncsl.org/programs/lis/privacy/idt-legis.htm
Consumer Report Security Freeze Laws (2001-present) Source: National Conference of State Legislatures
A consumer report security freeze limits a consumer reporting agency from releasing a credit report or any information from the report without authorization from the consumer. If a person suspects that he or she has been victimized by identity theft, a consumer report security freeze can help the person track whether an identity thief is using the person’s information to set up bogus accounts. Since 2001, 25 states have enacted laws that allow security freezes. Security freeze laws in Hawaii, Kansas, Maine, South Dakota, Texas, Vermont and Washington are limited to identity theft victims, while the other states give all consumers the option to place a freeze on their credit history. http://www.ncsl.org/programs/lis/privacy/idt-legis.htm
