11:28 AM
Connect Directly

New Bill Proposes Tougher Punishments for Identity Theft

The Personal Data Privacy and Security Act would require enterprises with more than 10,000 customers to implement a security and auditing plan and to notify their patrons when there is a suspected breach.

In late June, Sens. Arlen Specter (R-Pa.) and Patrick Leahy (D-Vt.) introduced a new bill--S.1332, Personal Data Privacy and Security Act of 2005. This sweeping legislation raises the punishments for identity theft and stipulates security measures for protecting Personally Identifiable Information (PII) and Social Security numbers.

Among other things, the new bill requires enterprises with PII on more than 10,000 customers to implement a security and auditing plan and to notify customers nationwide when there is a suspected security breach.

You didn't need a crystal ball to see a bill like this coming, and it's high time, too. The number of lost or stolen personal records this year alone exceeds 49 million, which means millions of people may be victims of identity theft.

The proposed legislation could be stronger. For example, we'd like to see it applied not just to large corporations but to companies with as few as 1,000 PII records. And at this point, there's no guarantee this particular bill will pass. But rest assured that Congress will enact legislation on this topic--sooner or later.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
Increasing IT Agility and Speed To Drive Business Growth
Learn about the steps you'll need to take to transform your IT operation and culture into an agile organization that supports business-driving initiatives.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.