I wrote a letter to Congressman Chris Shays in June asking for his postion regarding zabasearch.com, a website that lists all public records for anyone to find easily. This type of information makes it easier for a willing person to commit identity fraud. I understand that these are just public records that can be found at the town clerk's office, but it is necessary to keep information such as this off the public website's since it is just asking to be misused.
Dear Jeffrey:
Thank you for your email way back in June expressing concern that a website, www.zabasearch.com, provides extensive personal information. In your comments, you stated, "This seems like a massive invasion of privacy making this information so freely and easily available." I appreciate your taking the time to share your views with me, as well as your patience awaiting my reply.
I share your concern about zabasearch.com and other sites that make personal information so readily available. The Internet puts an incredible amount of information at our fingertips and powerful search engines, such as ZabaSearch, allow this information to be sorted quickly and easily. While the power of the Internet is one of the greatest advances in human history, I am also sensitive to concerns about privacy.
Though the 1974 Privacy Act prohibits the government from collecting and aggregating information about individual citizens, it doesn't prevent private information sellers from collecting and selling this information back to the government, to other companies and individuals, or hoarding it for themselves. In this respect, ZabaSearch is no different from established information brokers like credit reporting agencies. In addition, the information gathered by ZabaSearch is all otherwise in the public domain, such as court records, property records, and change-of-address forms.
I have enclosed an article regarding the legality of ZabaSearch and other similar websites that I hope you find informative. http://writ.news.findlaw.com/ramasastry/20050512.html
In the past, I have supported creating a bipartisan commission in Congress that will study privacy protection. While this has not yet happened, I am hopeful a commission will eventually be established so we can move towards a consensus that allows us to protect individual privacy with minimum government interference. It also seems to me, federal and state governments will eventually need to enact stricter regulations on information trading, and impose stronger penalties on data resellers if the inadequate security systems allows information to be stolen by identity thieves.
I would also like to suggest a few steps you can take to better protect yourself. First, use caution before submitting any personal data to websites. Most websites now publish a privacy disclaimer detailing how they use personal information and if they sell personal data to third parties. Second, verify the level of encryption utilized on websites to protect your data from third party sources. Most sites also provide that information in their privacy disclaimer information. Taking these precautions can enhance your online security.
I am very concerned about identity theft and believe Congress needs to seriously address this problem. According to the Federal Trade Commission, identity theft is the most common complaint from consumers in all 50 states, and complaints regarding such theft have grown for four consecutive years.
While there are important steps Congress can take, there are also several simple steps consumers can take to protect themselves from identity theft including securing personal information such as Social Security cards, personal passwords and PIN numbers, and properly disposing of waste materials that contain printed personal information. Individuals should also watch closely for incorrect information on financial statements and periodically check their credit reports. Connecticut residents will have access to an annual free report beginning September 1, 2005, and may visit www.annualcreditreport.com for more information.
To address the growing scourge of identity theft, I have asked to be added as a cosponsor of H.R. 3375, the Financial Data Security Act. This legislation creates uniform national security standards for sensitive data and provides for consumer notification and mitigation procedures in instances in which a breach occurs.
Specifically, this legislation amends the Fair Credit Reporting Act and requires database security safeguards to protect consumers regardless of the sector handling the sensitive information. Although financial institutions are already required to secure their sensitive data, we must ensure this standard is effective and being enforced.
If a database has lost valuable information, investigations are required and notice to law enforcement and government regulators is mandatory. If, following an investigation, it is found that the breach could reasonably lead to identity theft or fraud, consumers must receive notice. Finally, a company that has had an information breach, is required to provide consumers free of charge, a service that monitors consumer credit files so they will be informed if attempts are made to open a new line of credit in their name.
On June 23, 2004, I supported H.R. 858, the Identity Theft Penalty Enhancement Act, which passed the House by voice vote and was signed into law by the President on July 15, 2004. This legislation defines and establishes penalties for aggravated identity theft and makes changes to existing identity theft laws. The penalty for aggravated identity theft is a term of imprisonment of two years in addition to the punishment provided for the original felony committed. In addition to increasing penalties for identity theft, H.R. 858, authorizes $2 million per year through fiscal year 2009 (FY 09) for the Justice Department to investigate and prosecute identity theft and related credit card and other felony fraud cases.
Several existing federal laws protect consumers from fraud, require fair credit reporting, and provide mechanisms for victims of identity theft to seek recourse.
On November 21, 2003, I voted for H.R. 2622, the Fair and Accurate Credit Transactions Act, which passed the House by a vote of 379 to 49. The President signed this legislation into law on December 4, 2003. H.R. 2622 contains several provisions aimed at preventing identity theft and assisting victims of identity theft.
H.R. 2622 makes changes to the Fair Credit Reporting Act to protect against identity theft including:
* Requiring credit card companies to investigate change of address requests if the company receives a request for an additional card within 30 days of receiving a notification of a change of address.
* Requiring consumer reporting agencies to include fraud alerts in a consumer's file upon the request of the consumer.
* Requiring reporting agencies to develop procedures for providing consumers who believe they've been a victim of identity theft with a summary of their rights.
* Requiring reporting agencies to block any information identified by a consumer in their credit file as fraudulent, as having resulted from an alleged identity theft.
While much remains to be done to protect consumers from identity theft, H.R. 2622 makes significant improvements to America's credit system. As a member of the Financial Services Committee, I will continue to monitor legislation that addresses these crimes.
Please do not hesitate to contact my office again. Because mail is delayed by Anthrax screening, e-mails, phone calls, faxes, and in-person visits are the most effective ways to communicate with my office. I also have recently begun a periodic e-newsletter and would be happy to send it to you. To request this e-newsletter, and for other information, please visit my website at www.house.gov/shays.
Sincerely,
Christopher Shays Member of Congress
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment