WASHINGTON—The U.S. Senate today approved legislation aiming to stop identity theft by increasing criminal penalties and creating a new crime of aggravated ID theft, defined as using a stolen identity to commit certain other crimes.
The House of Representatives passed the same bill Wednesday, and the legislation is now headed to the White House for the Presidents signature.
If signed into law, the Identity Theft Penalty Enhancement Act, authored by Rep. John Carter, R-Texas, will require conviction for aggravated ID theft to come with a mandatory sentence enhancement of two years, and aggravated ID theft committed for the purpose of terrorism to come with an additional mandatory five-year penalty.
As a large percentage of ID thefts are committed by insiders—notably at health care and financial institutions—the bill also directs the U.S. Sentencing Commission to revise guidelines for punishing individuals who abuse positions of trust to commit insider identity theft.
The bill does not address the responsibility of organizations to protect the personal data that they collect and store—something that many security specialists consider vital to data privacy and integrity. Initiatives to legislate security practices in the private sector have found little support.
“I would be willing to look at that,” Carter told eWEEK about increasing institutions responsibility to protect personal data. “Lets see what this [legislation] does first.”
Check out eWEEK.coms Security Center at http://security.eweek.com for the latest security news, reviews and analysis.
Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page