Just this morning, I heard on the radio that New York's senior Senator Chuck Schumer plans to push legislation around creating an airline passengers "bill of rights." I, for one, don't particularly like being trapped on the tarmac for hours on end, so kudos to Sen. Schumer.
But that's not the only "bill of rights" that should make headlines. The Identity Crime Victims Bill of Rights also seems to be gaining steam as well.Congress met this past Friday with the vendor council of The Santa Fe Group, the security consultancy run by former BITS CEO Catherine Allen. This follows June meetings where Allen and other identity theft experts testified before the Congressional Committee on Oversight and Government Reform's Subcommittee on Information Policy, Census, and National Archives.
This most recent meeting was meant to hammer out legislative language to advance the rights of ID crime victims. According to a release from The Santa Fe Group, the recommendations were drafted by members of the Legislative Subcommittee of The Santa Fe Group Vendor Council's Victims' Rights Working Group. Five main tenets form the core of their suggestions:
1. Funding to encourage state and local law enforcement to use Federal Trade Commission tools for documenting and reporting identity crimes. 2. Amendments to the Health Insurance Portability and Accountability Act (HIPAA) to define medical identity crime, clarify the rights of victims, and assist victims in recovering. 3. Research on the efficacy of documents, such as identity theft passports, that distinguish criminal identity theft victims from perpetrators. 4. A requirement that the Internal Revenue Service flag files of victims and verify any new entries to those files. 5. New regulations, enacted within the next 12 months, to enforce these recommendations.
Rep. William Lacy Clay (D-Mo.) supports these recommendations and says they will use them as Congress crafts legislation around an ID theft victims' rights bill to "ensures victims of identity crime are treated fairly under the law."
According to The Santa Fe Group, this "bill of rights" calls for consistent processes for handling identity crime incidents in addition to amendments to privacy legislation and regulation so victims can more easily access and correct their personal information records. The five basic rights address the need for legislation that enables individual victims of identity theft to access and correct personally identifiable information (PII) records.
The Santa Fe Group is providing the Bill of Rights draft white paper, titled Victims' Rights: Fighting Identity Crime on the Front Lines, on its website. The company is also looking for participants for its working groups on ID theft awareness and education; legislative affairs around ID theft; and best practices group for promoting resources for victims.
Fighting ID theft is in everyone's best interests. Maybe this bill of rights isn't the be all and end all, but it's a good step in the right direction. The victim should not be treated like the criminal. Never mind the financial implications of ID theft, but there's also a psychological element to it as well. Helping victims rebuild their lives is the right thing to do.
Still, much more could be done on the prevention side. I'm still steamed at how much our social security numbers are used almost haphazardly by utilities companies and other businesses-and if you refuse to give it to them, you don't get served. And there are always delays when such legislation is passed. Look at what's happening the with Massachusetts data privacy law. Originally due to take affect this May, it is now being delayed until March of 2010.
Also, it may not even be a matter of there being dishonest people at these companies that house your SSN and other personal information-it's the lax data security you have to worry about. And good old fashioned dumpster diving, of course. We can only hope use of shredders is increasing.