Previous Page | Print this Document

July 17, 12007...Today, the Senate passed legislation that provides Massachusetts consumers with greater protections from identity theft. The bill increases requirements on companies and agencies to report security breaches and protect personal information. It also puts tools at consumers’ disposal to protect their credit information.

“Identity theft is one of the fastest growing crimes in this country,” said Moore. “I am pleased the Senate took swift action to stop this serious crime. This legislation provides consumers with a valuable tool to quickly counteract unlawful activity to their personal information and holds companies accountable for security breaches.”

In the past, Moore participated in a panel sponsored by National Conference of State Legislature’s (NCSL) Identity Security Project entitled “Making Sure It’s Really You” and was a member of the project committee that included senior executives of the Business Roundtable. During the committees’ deliberations, the senator discussed the work of the NCSL Task Force on Protecting Democracy, which he co-chaired and its policy recommendations for legislators regarding identity theft.

“It is time for Massachusetts to protect consumers from identity theft,” said Senate President Murray. “This law empowers consumers and increases the responsibility of companies and agencies that store consumers’ personal and credit information.” 

The legislation allows consumers to dictate who has access to their personal information from credit reporting agencies by allowing them to apply a security freeze on their information. The consumer would be required to send notification to the reporting agencies requesting the freeze. Once the reporting agency receives the request, they will send the individual confirmation and an ID and passcode. This passcode will allow the consumer to temporarily unfreeze or completely remove the freeze from the account. 

There will be a maximum of a $5 fee to implement, remove, or for each lift of a freeze. The charges, however, will not apply to a victim of identity theft or a victim’s spouse. 

In addition to empowering consumers, the legislation also clearly defines the requirements and responsibilities of businesses and agencies. Specifically, businesses, government agencies and non-profits are required to inform individuals of any security breach where there is the potential that personal information has been accessed and might be used for unlawful activities. The business or agency would provide a written notice or, depending on the number of consumers affected, an appropriate means of notification to the affected individuals.

Businesses and agencies are also directed to properly dispose of personal information, either electronic or paper formats, by measures that include redaction, pulverizing, burning, erasure of electronic data or shredding. Any entities failing to properly dispose of personal information can be fined up to $100 for each data subject affected, but not exceeding $50,000. 

The Federal Trade Commission estimates that 9 million people each year are victims of identity theft. The legislation is now on its way to the Governor’s desk to await his signature. 

For more information or to learn about Sen. Moore’s work in the Senate, log onto his web site at www.senatormoore.com . 

Previous Page | Print this Document