- Why a Saudi blogger faces a possible death sentence for three tweets
- America's big wealth gap: Is it good, bad, or irrelevant?
- Xi Jinping, future Chinese president, faces test on first White House visit (+video)
- Iran accuses Israel of setting up attacks on its own diplomats
- Valentine's Day: cost of romance rising for flower delivery, 4 other things
- No budget? No problem! The strange politics behind a budgetless America.
Identity theft: big enough to steal lawmakers' attention
In the wake of large-scale digital break-ins, legislatures consider a range of measures to protect consumers.
BOSTON
Sandra Pochapin learned a few key lessons from her ordeal with identity theft. Among them: Check the mail early.
Had she done so, she may have gotten the replacement credit card in her mailbox. Instead, a thief lifted the card and took it on on a $1,200 shopping spree at Lord & Taylor.
Ms. Pochapin eventually recouped her money, but the incident haunted her for months afterward, as the criminal opened other new accounts in her name.
She recalls a Macy's representative calling to ask about a $2,400 bill on her new store card. "I asked them, 'How could you open an account in my name if I already have an account there?' " said Pochapin, testifying recently in front of the Massachusetts state legislature.
Experiences of people like Pochapin, and break-ins at large databases that hold Americans' most sensitive personal information, have grown severe enough in recent months to prompt a new wave of protective legislation by lawmakers at the state and federal level.
The bills are designed to address various aspects of the threat, but, as identity thieves find new ways to ply their trade, the efforts represent a daunting race against crime.
Credit-freeze laws growing
One rising form of legislation, the one being considered here in Massachusetts, allows consumers to freeze third-party access to their credit reports.
"If a security freeze [on my credit reports] had been implemented, this couldn't have happened," said Pochapin. While she admits the thief could have still had a field day at Lord & Taylor, "They wouldn't have been able to open other accounts," since companies don't give out credit cards if they can't review a potential client's credit rating.
Ten states now have credit-freeze laws, with a New Jersey bill awaiting the promised signature of Gov. Richard Codey.
While lauded by many consumer advocates, such measures hint at the challenges of combatting ID theft. Opponents say such laws are intrusive measures that clunk up business practices. Others question if any law can protect personal information from determined hackers.
At the least, if current laws aren't deterring high-tech burglars, neither are security measures. On June 17, MasterCard announced a break-in to the database of payment-processor CardSystems Solutions. The heist, by far the biggest of its kind to date, compromised the account records for millions of Visa USA, American Express, Discover, and MasterCard holders. But MasterCard said a much smaller number of people faced a real risk of identity theft from the breach.
Cardholders honored in a breach
What infuriates ID theft activists is that up until this year, California was the only state that forced credit-card companies to notify their customers about such a raid. There, companies must tell their clients about breaches to electronic, unencrypted databases. Now, 15 states have some sort of breach law, and four more bills await a governor's signature.
Page: 1 | 2 
