Improved cyber security, increased law enforcement and public education top the recommendations of President Bush’s Identity Theft Task Force plan issued today. The president created the task force in May of last year with a mandate for final recommendations by November 2006.
The plan calls for national standards to be established for the safeguarding of personal data by the private sector and breach-notification standards for data theft that pose a “significant” risk of identity theft. Federal agencies, the plan states, should better protect the Social Security numbers of consumers.
It would also add a mandatory two-year prison sentence for identity thieves under the existing aggravated identity-theft statute. Other law enforcement recommendations include broadening the electronic data-theft statute by eliminating the current requirement that the crime be interstate in nature.
In addition, the plan suggests amending existing laws to help prosecutors charge identity thieves who use malicious spyware. Also, the plan calls for a National Identity Theft Law Enforcement Center to improve information sharing.
“This new plan represents an important step forward in America’s effort to fight back against identity theft,” Attorney General Alberto Gonzales said at a press conference. “We have acknowledged that this is not a new problem, and our report builds upon many years of effort by our federal, state and local partners, as well as the private sector and non-profit organizations.”
Federal Trade Commission (FTC) Chairman Deborah Platt Majoras said the plan was a blueprint for increased federal prevention and protection of personal data. “Identity thieves steal consumers’ time, money and security, just as sure as they steal their identifying information and they cost businesses enormous sums.”
The plan drew mixed reviews from at least two groups with deep roots in battling identity theft.
“This report represents a critical step in the federal government’s role to protect consumers from identity theft,” Robert Holleyman, president and CEO of the Business Software Alliance (BSA), said in a statement lauding the task force’s focus on law enforcement, consumer education and beefed-up cyber security by private enterprise and the government.
“Most importantly, BSA agrees with the task force on the importance of closing the gaps in existing criminal statutes in order to provide law enforcement with the ability to effectively prosecute cyber criminals and identity thieves,” Holleyman said.
But the Center for Democracy and Technology (CDT) said the plan only attacks the problem of identity theft at the edges, contending a comprehensive national privacy law is needed to more directly address the threat.
CDT Deputy Director Ari Schwartz praised the task force for taking identity theft seriously, but added, “We’re disappointed, however, that the report only addresses the symptoms of an ailing national privacy framework that is badly in need of an overhaul.
“Until we have strong federal consumer privacy legislation and a serious commitment on the part of the White House to enforce the Federal Privacy Act, Americans won’t be adequately protected against ID theft,” Schwartz added.
The task force also launched a Web site to go along with its recommendations. The site is expected to serve as a clearinghouse for educational resources about identity theft for consumers, businesses and law enforcement agencies.