Identity theft victims can seek restitution in federal courts, thanks to a cyber-crime bill passed unanimously by the U.S. Senate. The bill also increases cyber-crime penalties and adds cyber-extortion to the list of federal crimes.
Amid Congress' loud brawling over energy legislation the week of July 28,
lawmakers quietly managed to approve a bill to expand the rights of cyber-crime
victims. Approved in a unanimous vote by the U.S. Senate, the bill would allow
identity theft victims to seek restitution in federal court for the loss of
time and money spent in restoring their credit.
The bill, called the Identity Theft Enforcement and Restitution Act, would
also make it a felony to use spyware or keylogging programs to damage 10 or
more computers, regardless of the aggregate amount of damage, and would ensure
that identity thieves who impersonated businesses to steal personal data would
be prosecuted under federal laws. Currently, the law allows only for the
prosecution of identity theft against an individual.
The Identity Theft Enforcement and Restitution Act now goes to the House for
"Because identity theft schemes are much more sophisticated and cunning
in today's digital era, our bill also expands the scope of the federal identity
theft statutes so that the law keeps up with the ingenuity of today's identity
thieves," Sen. Patrick Leahy, D-Vt., said in July 30 floor remarks.
Leahy and Sen. Arlen Specter, R-Penn., originally introduced the legislation
in October 2007 and the Senate approved the measure in November. The House,
however, failed to act on the measure. In order to put the provisions of the
bill back on the table, Leahy and Specter attached the bill to legislation
providing Secret Service protection for former vice presidents.
Leahy said the bill adds three new crimes-passing counterfeit securities,
mail theft and tax fraud-to the list of predicate offenses for aggravated
theft. The bill also significantly increases the penalties for these crimes. In
addition, the legislation eliminates the jurisdictional requirement that a computer's
data must be stolen through an interstate or foreign communication in order to
federally prosecute these crimes.
"Our bill strengthens the protections for
American businesses, which are more and more becoming the focus of identity
thieves, by adding two new causes of action under the cyber-extortion statute-threatening
to obtain or release information from a protected computer and demanding money
in relation to a protected computer-so that this bad conduct can be federally
prosecuted," Leahy said.