Tuesday, November 27, 2007

The Identity Theft Enforcement and Restitution Act of 2007

Senator Patrick Leahy introduced a much-needed Identity Theft bill in the Senate on October 30th. The bill, S.2168, cited as the "Identity Theft Enforcement and Restitution Act of 2007", passed by "Unanimous Consent" on November 15th, and we now anticipate rapid action from the House.

Key improvements from the bill include:

A change which removes the previous threshold of requiring $5,000 in damages to make identity theft or spyware a Federal Offense;

A change which makes the placing of spyware or keyloggers on more than 10 computers a FELONY offense;

A change to instruct Criminal Restitution to "pay an amount equal to the value of the time reasonably spent by the victim in an attempt to remediate the intended or actual harm incurred by the victim from the offense";

A change to ensure that Identity Theft resulting from theft of mail be considered under the guidelines for "Aggravated Identity Theft";

A change to the sentencing guidelines in Section 1030 Title 18 subsection (a)(5) "Malicious Spyware, Hacking, and Keyloggers", to increase first offense sentences to include a fine and prison terms up to five years. For a second offense under the same section, the prison term would be raised to up to ten years. Language was also added regarding "an attempt to commit an offense punishable under this subparagraph". ("Attempted hacking"?);

A change to Section 1030(a)(7) that would enhance and clarify the definition of Cyber Extortion;

A change allowing a much greater forfeiture of personal property gained as a result of finances obtained via identity theft;

The bill also directs the United States Sentencing Commission to consider 13 points as they seek to increase sentences for these types of offenses.

So what happens next?

Senator Leahy described the bill as being "requested by the Department of Justice", and "supported by a broad coalition of business, high-tech and consumer groups, including Microsoft, Consumers Union, the Cyber Security Industry Alliance, the Business Software Alliance, AARP, and the Chamber of Commerce." (A letter from the Chamber of Commerce was actually read into the Congressional Record in support of the Bill.)

In traditional law-making, bills are introduced in the House and passed to the Senate. This one appears to me to be reversing the process, which means it is now necessary for the House to accept this bill as one of their own. It is now a pressing matter that this bill be voted on by the House and get passed before we all go home for Christmas.

What can you do? Make sure that your Congressman knows about this important bill, and encourage them to get the vote scheduled and to vote in the affirmative for the bill.

1 comment:

  1. Anonymous6:21 PM

    Hello, I have a question. Was anything siad about employees monitoring? I work as a system administrator and have installed PC ACME on each of the PCs in our company. All the employees know about this fact as we tell them that there will be the monitoring software installed on their PCs before they sign the contract. The software is licenced. So, is everything legal?


Trying a new setting. After turning on comments, I got about 20-30 comments per day that were all link spam. Sorry to require login, but the spam was too much.