|
Posted: July 24, 2006 To subscribe to our free email newsletter, go to www.privacyrights.org/subscribe.htm To see archives of the PRC's Privacy Update, go to: |
|
|
| PRC's Privacy Update No. 4:3 In this issue . . . [1] Congressional Update: Bad ID Theft Bill Will be Considered This Week =============================== [1] Congressional Update: Bad ID Theft Bill Will be Considered This Week [UPDATE 7/25/06. We have learned today that there will be NO House floor vote this week on H.R. 3997, but that it is expected to come up for a vote in September after Congress returns from its August recess. Apparently, many consumers recently contacted their Representatives and urged them to oppose this bill for reasons explained below. We will keep subscribers of this newsletter up to date about upcoming votes.] Ten days ago we alerted subscribers of this newsletter to a bad bill making its way through Congress, H.R. 3997, the so-called ìFinancial Data Protection Act.î We have just learned from our colleagues at Consumers Union in D.C. that a vote on the floor of the House of Representatives is expected this coming week (sometime July 24-27). Although the worst of its provisions on credit freezes has been removed (details below), the bill is still a harmful one for consumer protection. We urge you to contact your Congressional Representative with a message to oppose H.R. 3997 and instead to bring H.R. 4127 to the floor for a vote. That bill is the ìData Accountability and Trust Act.î To find the fax and e-mail addresses for your Representative, visit this web site: Or you can call the Capitol Switchboard at this number, (202) 224-3121, and ask to be connected to the office of your Representative. Here's why we continue to consider H.R. 3997 to be bad for consumers. At least 34 states have passed laws requiring companies that experience data breaches to notify individuals that their sensitive personal information has been compromised. This enables consumers to take steps to prevent identity theft, such as placing fraud alerts on their three credit reports. The strongest of those state laws, including California's, require that the breached organizations notify individuals in each instance. H.R. 3997 allows companies to decide whether or not they think the breach will result in harm to individuals before deciding to notify individuals. This is called ìtrigger language.î We believe this provision will result in many breaches not being disclosed to the affected individuals at all. We don't think companies that experience breaches, especially when SSNs are involved, can foretell the future, at least not at this time. To make matters worse, this bill would pre-empt all of the breach notice laws passed by states, thus wiping out strong consumer protection provisions across the country. The trigger language in H.R. 4127 provides consumers much better protection in the event of a security breach. It requires that companies notify individuals of a breach unless it can show otherwise that there is no reasonable risk of harm ñ a much stronger trigger standard than in 3997. And the pre-emption clause in H.R. 4127 is also much narrower. Whereas 3997 would eliminate a broad array of state laws, 4127 only targets state laws that deal with data security practices covered by this bill. Of course, our strong preference is for NO pre-emption of state laws at all. State legislatures are much better positioned to pass laws that protect consumers' interests. Unfortunately, this is not realistic in the current Congress. H.R. 4127 contains an additional provision that is especially valuable for consumers. It gives individuals new rights to review and dispute information held by the large data brokers such as ChoicePoint and Lexis-Nexis. This industry is largely unregulated at this time, although for uses of data obtained for background screening purposes and insurance services, it is governed by the federal Fair Credit Reporting Act. The data warehouses of information broker companies contain profiles on virtually every American adult, consisting of information obtained from public records and from other sources that are publicly available. It's long overdue for consumers to have access to their data files and to make sure the information is correct. [This paragraph updated July 24, 3006] The only good thing to report about H.R. 3997 is that the security freeze provision has been removed. In our previous newsletter , we explained that this bill would only allow victims of identity theft to freeze their credit reports ñ AFTER the harm has been done. We strongly believe that ALL consumers should have the ability to freeze their credit reports ñ the ultimate identity theft prevention strategy that individuals have. For more detailed information on these bills, visit the web sites of our colleagues at Consumers Union and U.S. PIRG: -- CU, www.financialprivacynow.org ==================================== [2] Message to New Subscribers Many of you are reading this newsletter for the first time, even though you may have subscribed months ago. We discovered a glitch in the mailing list management service that we use, and recent subscribers were not registered until earlier this week. We apologize! This newsletter usually alerts you to new privacy guides on our web site, fraud schemes to watch out for, and from time to time -- like this issue -- activity in Congress that we think you would be interested in. especially when Congress is poised to reduce the kinds of consumer protections that we believe all individuals should be entitled to. To read past newsletters, click here:
========================================================================
PRC's Privacy Update No. 4:2 July 10, 2006 In this issue . . . [1] Don't Let Congress Wipe Out Strong State ID Theft Laws [2] Read the Great New Guides on Our Web Site:
======================================== [1] ACTION ALERT: Don't Let Congress Wipe Out Strong State ID Theft Laws If you live in California or one of 24 other states, your legislature has given you the right to ìfreezeî your credit reports. We believe that the ability to cut off access by creditors to one's credit report is the ultimate protection from identity theft. But a bill making its way through Congress would wipe out these laws by pre-empting the states. This industry-favored bill is H.R. 3997, considered by consumer groups like Consumers Union, U.S. PIRG and the PRC as the ìworst-everî identity theft bill. It would only enable identity theft VICTIMS to freeze their credit reports. This means that consumers could not use this tool for identity theft PREVENTION. It also would weaken existing state laws that require consumers to be notified when a company experiences a security breach. A better bill is H.R. 4127 sponsored by Rep. Ed Markey (D-MA) and House Energy and Commerce Committee Chairman Joe Barton (R-VA). It leaves states free to establish strong credit freeze laws and sets much stronger standards for security breach notification than H.R. 3997. H.R. 4127 also would give individuals access and correction rights for their data profiles compiled by information brokers such as ChoicePoint and LexisNexis. You can send a message to Congress about these bills right now by visiting the Consumers Union web site, www.financialprivacynow.org. We will contact you again later in July when important votes are coming up in Congress. Your faxed letters to key members of Congress at that time will be crucial in stopping H.R. 3997. Why faxed letters? Postal mail takes a long time to reach Congress because of checks for anthrax. To find the fax numbers for Congress, visit www.visi.com/juan/congress/. In the meantime, you can learn more at these sites:
Stay tuned. We will alert you when your faxed letters are needed to stop H.R. 3997. ========================================= [2] PRIVACY TIPS: Read These Great New Guides on Our Web Site We have recently posted two new consumer alerts. Is your profile posted on MySpace or another social networking site? Employers have been known to check out job applicants and even reject them based on their profile. To learn how to protect yourself, read our alert, www.privacyrights.org/ar/onlinepersona.htm. After Hurricane Katrina, many individuals have seen the value of gathering their medical records together in one safe place, even online. For tips on compiling your personal health record, read our new guide, www.privacyrights.org/ar/keepmedfile.htm. And last but not least, we have launched a new FAQ series to expand upon the information in our Fact Sheets. ìFrequently Asked Questionsî on three topics have been posted online, with a half dozen more to follow. We have created these FAQs by analyzing consumers' questions to our hotline over the past few years and coming up with a list of the most-repeated inquiries. Check them out here:
|
Copyright © 2006-2007. Privacy Rights Clearinghouse/UCAN. This copyrighted document may be copied and distributed for nonprofit, educational purposes only. For distribution, see our copyright and reprint guidelines. The text of this document may not be altered without express authorization of the Privacy Rights Clearinghouse. This document should be used as an information source and not as legal advice. PRC documents contain information about federal laws as well as some California-specific information. Laws in other states may vary. Overall, our information is applicable to consumers nationwide. |
