Privacy & Identity Theft
Identity theft occurs when one person uses another’s Social Security number, birth date, driver’s license number, or other identifying information without permission to obtain credit cards or purchase items in the other person's name. Identity thieves can access personal information in a myriad of ways – stealing wallets or mail, accessing personal information from the Internet, fraudulently obtaining credit reports, or getting personnel records from a workplace.

Identity theft affects millions of Americans each year, wreaking havoc on their credit, causing them tremendous inconvenience, and costing businesses and financial institutions over $50 billion annually. In fact, 9.3 million Americans were victims of identity theft in 2004, according to the latest survey by the Better Business Bureau. And identity theft was the top consumer complaint reported to the Federal Trade Commission (FTC) in 2004 for the fifth consecutive year.

Examples of Identity Theft

• Mari Frank was victimized in 1996 by a woman who ordered her credit report online. The woman proceeded to purchase a new Ford Mustang and accrue as much as $50,000 in expenses in Ms. Frank’s name.
  
  
• Michelle Brown, whose story in part inspired Senator Feinstein to address identity theft, had her identity stolen by a receptionist who accepted her rental application form. The woman purchased hundreds of thousands of dollars of merchandise and obtained a driver’s license in Ms. Brown’s name. The woman even used Ms. Brown’s identity when she was arrested by police for a separate crime. A movie was made about this story.
  
  
• A 20-year-old dental assistant from Maine was killed in 1999 by a stalker who bought her Social Security number off the Internet, and then used it to locate her work address.
  
  
• A young woman from Los Angeles had her Social Security number stolen, which then was used to charge $50,000, including a $32,000 truck, a $5,000 liposuction operation, and a year-long residential lease. While assuming the victim’s name, the perpetrator also became the object of an arrest warrant for drug smuggling in Texas.
  
  
• A resident of Castro Valley, California discovered that an identity thief obtained a credit card in her name through the Internet in just 10 seconds. The false application only had her correct Social Security number and birthdate.

Senator Feinstein's Efforts to Prevent Identity Theft
Senator Feinstein is a leader in the effort to protect consumers' personal information including Social Security numbers, medical and financial data, and driver's license information. She was the Senate author of legislation enacted in 2004 to toughen penalties on identity theft and has introduced legislation in the 109th Congress including:

• The Privacy Act (S. 116) - A comprehensive bill that would set a national standard for protecting personal information such as Social Security numbers, driver's licenses, and medical and financial data, including information collected both online and offline. Modeled on California 's financial privacy law, it requires companies to let consumers "opt in" before their most sensitive information such as Social Security numbers, driver’s licenses, and health and financial records is shared. The legislation would also give consumers the choice to “opt out” when less sensitive information such as names and addresses is exchanged.

• The Social Security Number Misuse Prevention Act (S. 29) - This bill would regulate the use of Social Security numbers by government agencies and private companies by prohibiting the sale or display of Social Security numbers to the general public, and by requiring Social Security numbers to be taken off of public records published on the Internet.

• The Notification of Risk to Personal Data Act (S. 115) - Modeled on California's database security law, this bill would define an individual's Social Security number, driver's license number, state identification number, bank account number or credit card number as personal data; require a business or government entity to notify an individual when it appears that a hacker has obtained unencrypted personal data; levy fines by the FTC of $5,000 per violation or up to $25,000 per day while the violation persists; and allow California's privacy law to remain in effect, but preempt conflicting state laws.

For more information on identity theft, please go to:

• Senator Feinstein's booklet on identity theft (PDF)
• The Federal Trade Commission: Your National Resource for Identity Theft

Recent Press Releases, Op-eds and Statements

• Statement of Senator Feinstein on Recent Loss of Bank of America Transaction Records (2/25/05)
• Senator Feinstein Calls for a Judiciary Committee Hearing on Legislation Requiring Notification when Personal Data is Compromised (2/16/05)
• Senator Feinstein Introduces Package of Bills to Prevent Identity Theft (1/24/05)
• President Bush Signs Feinstein Measure to Toughen Penalties on Identity Theft into Law (7/15/04)