CALIFORNIA IDENTITY THEFT NUMBERS SLOW DOWNMercuryNews.com | 07/17/2005 | Growth of identity theft is slowing in CaliforniaGrowth of identity theft is slowing in California

STATE SENATOR CREDITED WITH HELPING TO PROTECT CONSUMERS' PRIVATE DATA

By Kathy Kristof

Los Angeles Times


Thanks partly to laws pushed for by California state Sen. Debra Bowen, growth of identity theft has slowed in California, where state legislators are trying to strengthen regulations.

Long before identity theft reached epidemic proportions, Bowen, D-Redondo Beach, was pushing laws to protect consumers' private information. She was proposing privacy bills as early as 1995, and in 2001 pushed through a state law restricting access to Social Security numbers, which are the keys to unlocking enough personal information for thieves to apply for credit in someone else's name.

Bowen is part of a cadre of California and federal legislators who have made progress against identity theft but continue to seek ways to stem the flow of lost and stolen personal information that feeds it.

But the once-exponential growth of identity theft is beginning to taper off, government officials say.

And California, long the identity theft capital of the country, is seeing slower growth than the national average, with an 11 percent increase in reported cases last year compared with a 14.6 percent hike nationwide.

Part of the reason that California has made some progress is that the Golden State has the strongest privacy protections in the country, said Kerry Smith, senior consumer attorney with the State Public Interest Research Group in Philadelphia.

Thanks to Bowen's 2001 law, banks, insurers and credit card companies must truncate Social Security and credit card numbers sent to Californians in the mail, and health-care cards can no longer list Social Security numbers as an identifier.

The state's residents also have the right to freeze their credit reports, and they're among a fortunate few in the nation who have the right to be notified if their personal information is compromised.

Bowen continues to try to build on those regulations. ``We've got to make sure that private information is going out in fewer places,'' Bowen said earlier this month.

This year she proposed a bill that would strengthen the state's notification law, and she is considering legislation that would establish data-handling standards for industry to prevent some of the seemingly careless gaffes -- lost or stolen computers containing unencrypted consumer information, for instance -- that have exposed more than 58 million Americans to identity theft in the last two years alone.

``There are no laws affecting how people in the private sector handle data,'' she said. ``The number of times that there's a laptop stolen, or there's some mistaken transfer of data with no encryption, no tracking and no consequences, is phenomenal. We are at the early end of this, but we are starting to look at whether there should be standards for the handling of personally sensitive information -- or, at the very least, some system to penalize companies that have been negligent.''

Bowen and other California legislators are also trying to expand privacy rights to residents of other states. Democratic U.S. Sen. Dianne Feinstein recently sponsored a bill to extend to all Americans the right to be notified of a security breach.

As of January, only Californians had the right to be notified when companies lost track of their personal identifying information, such as Social Security and credit card numbers or driver's license information, said consumer attorney Smith.

That notification is important, experts say, because it can give the consumers the ability to put a fraud alert on their credit file, preventing criminals from obtaining credit in their names.

``Identity theft is a national problem that requires a federal solution,'' Feinstein said in recent congressional testimony. ``One strong notification standard is what we need, not a patchwork of state laws.''

This year, notification laws were proposed in 35 states -- 14 of which were successful and will go into effect in the next 12 months; 27 states proposed data freeze laws.

Jennie Bretschneider, a Bowen staffer, said that with privacy laws changing so rapidly, one of the challenges was to inform consumers about the rights they already have. ``We know that our data freeze law isn't used very much because very few people are aware of it,'' Bretschneider said. ``One of our big challenges is getting the word out.''