The bill seeks to supplement current laws so corporations are more protected, while also repaying people for the time spent repairing their finances.

Sharon Gaudin, Contributor

July 20, 2007

3 Min Read

The U.S. Department of Justice submitted proposed legislation to Congress on Thursday, looking to beef up laws that would take on the burgeoning problem of identity theft.

The bill -- the Identity Theft Enforcement and Restitution Act of 2007 -- seeks, in part, to make sure identity theft victims are paid back for the time they spend trying to repair the damage inflicted upon them and their financial standing, according to a DoJ notice. The bill also would add to the current identity theft and aggravated identity theft statutes, which focus on stealing the identity of individuals. The bill supplements that by making sure people who steal information from companies and organizations can be prosecuted, as well.

"Identity theft has impacted the lives of millions in the United States, and its perpetrators are constantly inventing new ways to commit their crimes," said Attorney General Alberto R. Gonzales, in a statement. "This proposed legislation is a firm step in the right direction in updating our identity theft laws to meet the needs of investigators and prosecutors who are working daily to punish identity thieves, and help victims put their lives back together."

The bill comes out of the President's Task Force on Identity Theft plan, which was released in April. The task force was pulled together to formulate a plan to attack identity theft at all levels in the public and private sectors.

Dave DeWalt, the new president and CEO of security giant McAfee, himself is pushing for legislation that will mandate more jail time for the growing number of cybercriminals breaking into government and corporate computing systems, setting up phishing schemes and building botnets. DeWalt, who has been the victim of identity theft, told InformationWeek in a previous interview that he has been meeting with senators, congressmen, and members of President Bush's staff to talk about cybercrime.

As for the bill that the DoJ is proposing, it also seeks to ensure that federal law enforcement has jurisdiction over the theft of identifying information by closing a loophole in the current statute. Under the proposed act, federal jurisdiction could be obtained if the victim's computer is used in interstate or foreign commerce, the same standard used in other computer hacking offenses.

And the bill would ensure that federal law "appropriately penalizes" identity thieves for the use of spyware and keyloggers, as well as expand the scope of the "cyber extortion" provision so it covers crimes like threats to steal or corrupt data on a victim's computer.

It was reported earlier this week that online extortionists have resurfaced, breaking into users' systems, encrypting their data, and then holding it hostage until a $300 ransom is paid. A cyberblackmailer tormented users in Russia between 2005 and 2006. Now the extortionists have reappeared, according to researchers at Moscow-based Kaspersky Lab. And it also appears they've branched outside Russian borders.

"These new tools would enhance criminal enforcers' ability to crack down on malicious identity thieves and help victims recover," said Deborah Platt Majoras, chairman of the Federal Trade Commission, in a statement. "Each element of the Identity Theft Task Force's recommendations improves our ability to reduce crime, assist victims, and raise awareness."

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights