- unfortunately, it reads like what it is, a wordy press release.
Take special note of the mandatory destruction of records
before disposal. Also of interest is that ISPs and others
now have a cause of action in filing suit.
http://www.ny.gov/governor/press/06/0609061.html
FOR IMMEDIATE RELEASE:
June 9, 2006
GOVERNOR SIGNS IMPORTANT LEGISLATION TO PROTECT NEW YORKERS AGAINST
IDENTITY THEFT
New York Remains National Leader in Providing Consumers with Ability to
Proactively Protect their Credit Reports from Third Party Access
Governor George E. Pataki today signed three bills that will further
protect New York's consumers and their privacy. These bills will
allow consumers to proactively defend themselves against identity
thieves, require businesses to properly discard documents and records
containing personal information, and prohibit individuals from
deceptively soliciting sensitive information from Internet users.
They will also help prohibit the potential repercussions that many
identity theft victims encounter, including the denial of loan
applications, false arrest, and criminal records.
"Before another New Yorker falls victim to fraud or identity theft,
these laws, signed today, will go a long way to protecting our
consumers, in the future," Governor Pataki said. "As all New Yorkers
come to rely heavily on the Internet in their daily lives, we must
exercise all possible avenues to ensure the safety and privacy of our
consumers and protect them from identity fraud. These three laws make
certain that New Yorkers have additional tools to combat those wishing
to take advantage of them and their families."
Senator Charles J. Fuschillo, Jr., Chairman of the Senate's Consumer
Protection Committee and sponsor of the bills said, "As criminals
continue to devise new schemes to steal people's private information,
New York State must come up with stronger laws to protect its
consumers. By giving people the ability to freeze their credit and
requiring businesses and governments to properly dispose of records
containing private information, we will be enacting three of the
toughest anti-identity theft laws in the country."
"I thank Governor Pataki for helping us enact these important new laws
that will greatly benefit all New Yorkers."
Assemblywoman Audrey Pheffer, Chair of the Assembly Consumer Affairs
and Protection Committee said, "With the recent announcement that
millions of the nation's veterans are the potential victims of
identity theft this legislation is extraordinarily timely in aiding
these New York Veterans involved in this matter, as well as consumers
across the state."
"These bills were developed after intensive negotiations with all
parties involved, and we believe that the result is a comprehensive
package of legislation that addresses the needs of our consumers and
continues to demonstrate that New York remains a leader in the fight
against identity theft."
Assemblyman Richard Brodsky, sponsor of one of the bills, said,
"Today, we took a huge step forward to protect consumers throughout
this State from the nefarious activities of online fraudsters. The
Internet is a lot like the Wild West where thieves and fraudsters lurk
in every corner. Phishers prey on the people and this bill stops
them."
Teresa A. Santiago, Chairperson and Executive Director of the New York
State Consumer Protection Board (CPB) said, "These new laws will help
protect New Yorkers from the financial costs and emotional stress that
can result from identity theft. The CPB was the first to propose
legislation that would prevent Identity Theft resulting from the
improper disposal of records containing personal information. When
receipts and other documents are not shredded or otherwise destroyed
prior to disposal, there is a greater likelihood that consumers may
become victims of identity theft."
The Security Freeze Law allows consumers, who are either identity
theft victims or are concerned that they might be at risk of having
their identities stolen, to cut off an identity thief's access to
credit, loans, leases, goods and services by placing a "freeze" on
their consumer credit report. Consumers must have proper
identification and may have to pay an applicable fee, not to exceed
$5.00, to have the freeze put in place.
Consumers must send a written request to a consumer credit reporting
agency by certified or overnight mail and would be permitted to remove
a freeze entirely, lift a freeze for specific period of time, or grant
a specific party access to their report. Consumers must have proper
identification, their PIN or password (that the credit reporting
agency supplies), the name of the party to whom the information may be
made available, the time period of availability and payment of any
applicable fees.
The Disposal of Personal Records Law requires any business to properly
dispose of records containing personal information through one of the
following means: shredding, destruction, modification, or other
reasonable action to ensure that no unauthorized person will have
access to the personal information. This law will ensure that disposed
records containing personal information are not a source that thieves
rely upon to commit identity theft.
The Law also provides that a failure to properly dispose of records by
any business or other business under this law would result in a civil
penalty of up to $5,000.
The Anti-Phishing Act of 2006 prohibits the deceptive solicitation of
personal information through electronic communications. Internet
service providers, affected trademark holders or the Attorney General
are authorized to bring an action to recover the greater of actual
damages or $1,000 per violation. Treble damages are also allowed when
the court finds that a person has engaged in a pattern and practice of
phishing.
Phishing is the act of sending an e-mail to an Internet user, falsely
claiming to be an established legitimate enterprise in an attempt to
scam the user into surrendering private information that will be used
for identity theft. The scammer lures the potential victim out of a
sea of internet users for passwords and financial data. "Phishing"
accounts for nearly 25% of all Internet fraud.
_____________________________________________________
Knowledge may be power, but communications is the key
dannyb@panix.com
[to foil spammers, my address has been double rot-13 encoded]
Danny Burstein (dannyb@panix.com)