Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bill Introduced to Congress Would Allow ID Theft Restitution

Zonk posted about 7 years ago | from the an-increasingly-common-problem dept.

Privacy 166

verybadradio writes with an article at News.com about a bill introduced into Congress that would allow citizens who have been victimized by identity theft to seek repayment for the money and time spent repairing their credit history. The bill was introduced by Democrat Patrick Leahy of Vermont and Republican Arlen Specter of Pennsylvania. "Last year, 8.4 million Americans were victims of identity theft, and many were left with a bad credit report, which takes months or years to repair, the lawmakers said ... The bill would also eliminate a requirement that the loss resulting from damage to a victim's computer must exceed $5,000 for prosecution; make it a felony to use spyware or keyloggers to damage 10 or more computers; and expand the definition of cybercrime to include extortion schemes that threaten to damage or access confidential information on a computer."

Sorry! There are no comments related to the filter you selected.

Wow... (4, Insightful)

DragonPup (302885) | about 7 years ago | (#21013779)

...a cyber-crime bill that seems to be actually useful. Did we step into Bizarro America?

Re:Wow... (1, Insightful)

EMeta (860558) | about 7 years ago | (#21013829)

Only if it passes...

Re:Wow... (1, Flamebait)

jackpot777 (1159971) | about 7 years ago | (#21013957)

Are you expecting Donatelli Group to tell Bush to veto?

Re:Wow... (1, Funny)

Anonymous Coward | about 7 years ago | (#21014143)

If they mention "think about the kids" it will pass

Re:Wow... (1)

Volante3192 (953645) | about 7 years ago | (#21014245)

That didn't work for SCHIP.

Re:Wow... (0)

Anonymous Coward | about 7 years ago | (#21014847)

Ha! It worked on Congress! And the President today complained [cnn.com] that Congress was too slow on enacting children's health care laws!

OT: SCHIP (2, Funny)

Kadin2048 (468275) | about 7 years ago | (#21015095)

That didn't work for SCHIP.
Yes, I have to admit that outbreak of common sense on the part of the Executive Branch was unexpected, to say the least.

Re:Wow... (3, Insightful)

Necreia (954727) | about 7 years ago | (#21013859)

These issues have been plaguing Credit companies with costs to make customers 'happy'. It's been a financial hit on those that have... shall I say: Strong pull in government. Now, those same people can just attack the assailant instead of trying to get things corrected through their credit institution. The law, I'd assume, is to actually support/help the credit companies-- meaning that it being a benefit to the consumer is a side effect. Don't worry. We didn't go and be all sensible towards the general public on purpose or anything.

Oh Not This Again (4, Insightful)

mpapet (761907) | about 7 years ago | (#21014807)

These issues have been plaguing Credit companies

1. Your premise is wrong. The banks DO NOT assume the costs of fraud. Merchants absorb all of the cost of fraud and pay the bank a penalty too. The costs are shifted to consumers through higher prices. Bottom line: The Association banks benefit greatly from fraud.

2. The bill in question is the wrong way to address the issue. The card associations have a solution to the problem except they won't implement it because it cuts into their fraud revenue and the costs are much higher per-card than dumb plastic/mag-stripe. The standard is called EMV. It solves 98% of fraud issues. Today. The other 2% I'll blame on bad coding.

Re:Oh Not This Again (5, Insightful)

dgatwood (11270) | about 7 years ago | (#21015143)

Credit card number theft is almost an insignificant issue. I've had unknown charges occur on my credit card, and in one of those cases, the card company contacted me. The other one only required a simple phone call. I'm not sure how they got the numbers---one of those cards had only been used once at CostCo---but it happens. Either way, it didn't cost me a dime.

This is about identity theft---stealing enough information to obtain credit cards of your own in someone else's name, then racking up thousands of dollars of debt. EMV doesn't solve any fraud issues because most identity theft is either A. caused by somebody giving out information too willingly to someone who really doesn't need it, or B. caused by somebody who should have been trustworthy not taking care of the data that they retain. EMV won't help either of those situations. (For people who aren't aware, EMV is a smart card system for credit cards. AFAIK, EMV also won't really solve card number theft, since internet purchases have to be made the old-fashioned way unless you just happen to be willing to buy a reader for your computer....)

The only thing that will really solve identity theft is making credit card companies and credit agencies fully responsible for every penny of losses due to identity theft. This law is exactly backwards and should not be passed. The reality is, we wouldn't have identity theft problems if those companies were held liable for losses. You would apply for a credit card, and they would make phone calls to your last known telephone number, give you some code number, and ask you to call a 1-800 number and enter that code in order to complete the request. The fact that they don't do even the most basic checks to verify the validity of a CC request is proof positive that they are content to let merchants and individuals bear the brunt of their own incompetence.

I've never had my identity stolen, but if it happened to me, the first thing I'd do is hire a lawyer to sue every reporting agency that the CC company contacted for credit history information. If the reporting agency were responsible, they would have contacted me and asked for authorization before releasing that information. As far as I'm concerned, a credit reporting agency should not have the right to retain data on me nor to release that data to anyone without my explicit permission. That means checking signatures against known signatures on file, contacting me at known prior addresses/phone numbers, etc. Then, I would follow that by suing the credit card company for similarly failing to properly research the request. When it was all over, my credit history would still be screwed, but at least I'd have gotten enough money out of the dirty scumbags that I wouldn't have to care.

Whoaa there Pardner... (1)

mpapet (761907) | about 7 years ago | (#21015599)

The grandparent wrongly assumes that banks assume the costs of fraud. To which I replied with some educational facts about transaction fraud.

Re:Oh Not This Again (1)

hedwards (940851) | about 7 years ago | (#21015301)

These issues have been plaguing Credit companies

1. Your premise is wrong. The banks DO NOT assume the costs of fraud. Merchants absorb all of the cost of fraud and pay the bank a penalty too. The costs are shifted to consumers through higher prices. Bottom line: The Association banks benefit greatly from fraud.
That is absolutely correct, when I had an unauthorized charge on one of my cards, I had to call up the merchant and have them credit me back on my own. The bank didn't handle any of it. Fortunately, it was a credit card rather than a check, otherwise I might never have seen any money back.

The only thing though is that it goes back further, my mother ended up getting stung for a bad check she accepted twenty years ago, it was at that point already common practice to force the merchants to pay for any fraudulent paper.

2. The bill in question is the wrong way to address the issue. The card associations have a solution to the problem except they won't implement it because it cuts into their fraud revenue and the costs are much higher per-card than dumb plastic/mag-stripe. The standard is called EMV. It solves 98% of fraud issues. Today. The other 2% I'll blame on bad coding.
I would like to see this on top of tougher measures to root out identity thieves. The thing which makes me somewhat nervous about this legislation is that it doesn't appear to require companies like TD Ameritrade to disclose things up front. Much of the time one can find out about a leaked CC number quickly from google than from the company that lost the information in the first place.

Still, if this becomes law it is still an advancement and should help somewhat, but I do agree that it isn't by any stretch of the imagination the end game on this one.

Re:Oh Not This Again (1)

Red Flayer (890720) | about 7 years ago | (#21015589)

1. Your premise is wrong. The banks DO NOT assume the costs of fraud.
Your interpretation of his post is wrong. He DID NOT write that banks assume the costs of fraud.

He wrote that the credit companies pay a lot to make customers 'happy'. In essence, the cost of fixing credit report problems has become prohibitive to the credit companies, so they have begun lobbying for change. I don't agree with him, but that seems to be his point, so please don't refute something other than what he said.

2. The bill in question is the wrong way to address the issue. The card associations have a solution to the problem except they won't implement it because it cuts into their fraud revenue and the costs are much higher per-card than dumb plastic/mag-stripe. The standard is called EMV. It solves 98% of fraud issues
This is in re: identity theft, not simple fraud. EMV doesn't do a damn thing about identity theft, it just adds PIN verification for purchases and ensures that information is encrypted. Someone with access to a person's SSN etc could just as easily get an EMC card and set up their own PIN as get a regular credit card.

Re:Wow... (1)

anti-human 1 (911677) | about 7 years ago | (#21014927)

Credit card companies aren't the ones hit by fraudulent charges. Typically, they bill the -merchant- with a "chargeback," on top of the transaction fee (a few percent) of the original transaction.

Credit card companies aren't really losing money due to fraud. Merchants are.

Ref: Yes I know its not a definitive source. This isn't a paper. [wikipedia.org]

Re:Wow... (0, Flamebait)

inode2 (1175387) | about 7 years ago | (#21014397)

Fighting cyber-crime through legislation of the 'bad' guys is a stupid waste of resources when it can't be remotely effective. Adding legislation that increases the penalties or adds to the excessive number of laws already in place to prosecute these individuals does nothing to reduce crime. You simply turn immoral business criminal and end up with a few individuals who are unduly punished in comparison to their peers who get away scott free. I can't emphasize enough how this harms the Americans as they end up with a false sense of safety. The crimes against Americans don't stop just because a few American business criminals get caught and shut down. If it worked to shut down the American criminal element it would still not reduce the problem of American citizens being victims of identity theft. The only people to blame in many of these cases are the victims themselves given the nature of the Internet (negligent, no technical training), the banks (negligent, fail to limit damages due to lack of further authentication), and the credit industry (horrible systems to determine credit worthiness and horrible methods to authenticate once provided credit).

Re:Wow... (1)

the_humeister (922869) | about 7 years ago | (#21014805)

Indeed. I was wondering why everyone here looked like a gray-skinned version of Superman and Lois Lane with very square features.

Re:Wow... (5, Interesting)

pburdine (1175409) | about 7 years ago | (#21015139)

The problem with this is that it only addresses 1 of the 5 known forms of identity theft. Financial Identity theft is estimated to be less than 26% of all ID theft crimes. For reference the other 4 are: 1) Drivers License - Someone can get using your DL # and you may have moving violations or points on your record that you don't know about it. This can happen in other states and it will take years to get back to you since the DMV's don't communicate all that well. Try fighting that. 2) Medical - Someone has procedures performed or gets checkups in your name. How would you like it if your insurance rates shot up because someone tested positive for HIV on your medical history. How about they change what you are allergic to and next time you go in they give something and you have an allergic reaction. Or maybe change your blood type. This can kill you and no one will know. 3) Character - Do you have outstanding arrest warrants in you name for crimes someone else committed? This can keep you from getting employed or you can lose your security clearance through no fault of your own. 4) Social Security - Has your SSN number been stolen and used by other people and reported to the IRS for tax reasons? You could be liable for a very large tax bill on income you didn't receive. The IRS doesn't care since most of the time they can force people to pay even though it wasn't them. Unfortunately congress doesn't seem to pay attention to the rest of these. Until they address all of them, we are all in trouble. --Peter

Re:Wow... (1, Insightful)

Anonymous Coward | about 7 years ago | (#21015153)

No, it's the same old sameold. Cyber criminals aren't going to be deterred any more by this than they were the old law. The way TFA reads (and yes, Reuters isn't the most accurate mark on the blackboard), the thief is the one who pays. Good luck collecting any money from someone whose assets have been forfeited to government and who is in a federal slammer.

Now, if a law that actually protected the victims of identity theift passed, it would indeed be Bizarro World. What this law would say would be that the corporation who carelessly lost your data through bad security (e.g. using insecure software, insecure passwords, insecure procedures, leaving data unencrypted, leaving data on laptops in the back seat of a convertable, using Active-X, etc) would be the ones to repay the customer, and the customer would be eligible for triple damages.

Pass a bill like this and the only identities that would be stolen would be from dumpster diving and stupid home computer users who fall victims to phishers and won't patch their home OSes and programs. Double Bizarro if the software manufacturer is liable for losses due to badly coded shitware (hello, Microsoft).

Of course, you will never ever see legislation like this in the US so long as (you can stop reading now, I've been preaching this fantasy for a long time and you've surely seen it by now) the US government is a wholly owned subsidiary of the foreign-owned Multinational Corporations. The two reforms that would acomplish this (that will of course never be passed, since the government is a wholly owned subsidiary of the MNCs):
  1. Candidates may not accept money from anyone not eligible to vote for them. As an Illinois voter I should not be eligible to vote for John McCain unless he moves to Illinois or runs for President, and Bill Gates should not be able to vote for Barrack Obama unless Gates moves to Illinois or Obama moves to Washington State or runs for President.

    Money should not be more powerful than a vote. Unfortunately we are not a Democratic Republic, we are a Plutocratic Republic.

  2. Nobody should be able to contribute to more than one candidate in any given race. After all, if a fine American voter named Sony Corporation gives ten million dollars to the Republican and another ten million dollars to the Democrat, it doesn't matter which candidate loses, Corporation wins.


</soapbox>
-mcgrew [mcgrew.info]

Re:Wow... (1)

IndustrialComplex (975015) | about 7 years ago | (#21015283)

Well, Senator Arlen Specter (R-PA) always seemed to be the 'Bizzaro' version of ex-Senator Rick Santorum (R-PA).

While I haven't agreed with all his votes, he has generally been one of the more small 'c' conservatives in the Republican party. I'm surprised he actually gathered as much strength given that he has often been at odds with the party leadership.

I was genuinely upset/worried when he was fighting cancer (Hodgkin's Disease). He is one of the few politicians I actually liked. Glad to see he is still doing enough of what is right to keep us 'surprised'.

Hmm (4, Interesting)

orclevegam (940336) | about 7 years ago | (#21013817)

It all sounds good except this line makes me a bit nervous:

and expand the definition of cybercrime to include extortion schemes that threaten to damage or access confidential information on a computer.

Would threatening to expose a security flaw in a server or website unless it was patched open you up to prosecution under cybercrime laws then? I know that's already fairly shaky ground from a legal standpoint, but would this make it even worse?

Re:Hmm (4, Insightful)

Nom du Keyboard (633989) | about 7 years ago | (#21013887)

It all sounds good except this line makes me a bit nervous:

and expand the definition of cybercrime to include extortion schemes that threaten to damage or access confidential information on a computer.

Would threatening to expose a security flaw in a server or website unless it was patched open you up to prosecution under cybercrime laws then? I know that's already fairly shaky ground from a legal standpoint, but would this make it even worse?

Would this apply to the RIAA and MediaSentry/SafeNet breaking into private individuals computers?

Doubtful (0)

Anonymous Coward | about 7 years ago | (#21015381)

I'm pretty sure they're above the law by now. And if not, they will be after they purchase a few unrelated amendments to laws designed to prevent the exploitation of homeless children.

Won't somebody PLEASE think of the children?

Re:Hmm (1)

faloi (738831) | about 7 years ago | (#21013945)

I dunno... I'd think you'd have to be in a position to personally benefit (one way or the other) from exposing the flaw. For example, telling a company that if they don't pay you money, you'll expose this flaw would definitely land you in legal hot water. Threatening to expose it via telling the company about it, waiting a reasonable time, then publishing it if the company doesn't respond probably wouldn't run afoul of the new law. I would guess that using the flaw yourself to benefit (like through stealing data) is already punishable under current laws.

Extortion. (3, Insightful)

Erris (531066) | about 7 years ago | (#21013983)

Would threatening to expose a security flaw in a server or website unless it was patched open you up to prosecution under cybercrime laws then?

If you ask for money in return for keeping your mouth shut, you are already an extortionist. At the same time, it's hard to see them using the bill [senate.gov] to come after an honest disclosure, where you simply published details. Must find bill to know.

Re:Hmm (1)

Finallyjoined!!! (1158431) | about 7 years ago | (#21014123)

OK, you're never going to get around the terminally stupid, there will always be people who will click a link entitled "Click here to infect your computer" or who will chew bags of silica gel dessicant labelled "Do not eat". Whatever. Let's just ban the use of any Microsoft operating systems. Easy-peasy, lemon-squeezy.

Obvious (1)

Nom du Keyboard (633989) | about 7 years ago | (#21013833)

Why does such an obvious idea take so long to be realized?

Re:Obvious (0)

Anonymous Coward | about 7 years ago | (#21014449)

Why does such an obvious idea take so long to be realized?
Why do such obvious posts take so long to be modded up?

New laws really necessary? (2, Interesting)

RandoX (828285) | about 7 years ago | (#21013835)

So are you telling me that no other laws actually forbid any of these things already? What's wrong with those laws?

Re:New laws really necessary? (1)

bwthomas (796211) | about 7 years ago | (#21014043)

Nothing is wrong with those laws; they're good laws that are obviously needed. But they only criminalize the identity theft. What they don't do is give the victims of identity theft recourse to recover damages from the responsible party, or any party for that matter.

In other words, they attempt to establish a framework by which a person victimized can recover damages from the person who has stolen their personal information and used it illegally, which is something beyond sentencing the convicted person.

Funny, I thought we had a mechanism for that... (1)

SIIHP (1128921) | about 7 years ago | (#21014283)

"In other words, they attempt to establish a framework by which a person victimized can recover damages from the person who has stolen their personal information and used it illegally, which is something beyond sentencing the convicted person."

I thought for sure there was a way to do this already...

http://en.wikipedia.org/wiki/Civil_court [wikipedia.org]

Re:Funny, I thought we had a mechanism for that... (1)

bwthomas (796211) | about 7 years ago | (#21014473)

Right, but on what grounds? The point here is that when there's no law you look at precedent, and when there's no precedent? You either give up, make a law, or set precedent. Clearly setting a precedent by winning a notable case has been impossible, largely because the largest part of the damages are by default not tangible.

What is a good credit score even worth? Did the person take money from you? Nothing, and No, then what do you sue for? Sure, take them to civil court, but what's your argument? This person damaged me. How? Financially. What's the amount of the damage?

I appreciate that you are willing to think about these issues, i think that's important. However, you are entirely too smug for someone who is wrong.

Nope, and it's funny you talk **** but were wrong (1)

SIIHP (1128921) | about 7 years ago | (#21014597)

"However, you are entirely too smug for someone who is wrong."

Funny you should say that, being as it is you who are wrong.

"Right, but on what grounds? "

Fraud.

"The point here is that when there's no law you look at precedent,"

And the point you haven't bothered to learn is that THERE WERE ALREADY LAWS ON THE BOOKS.

And in all seriousness, your post illustrates that you really have no idea WTF you're talking about.

Re:Funny, I thought we had a mechanism for that... (2, Interesting)

jhantin (252660) | about 7 years ago | (#21015561)

#include <not_lawyer.h>

The bank was the fraud victim, you're collateral damage. Er, um, no pun intended...

After the fraud uses your personal information to take money from a third party creditor, said creditor unfairly trashes your reputation, since that's the easiest recourse they have. Actual damages inflicted by the creditor in what looks to me like a defamation case might well be difficult to demonstrate, but not impossible: that nasty little clause in your credit card agreements that makes everything go to 31.99% APR if anything derogatory appears on your credit report means the defamation is costing you actual cash.

Re:Funny, I thought we had a mechanism for that... (1)

Chosen Reject (842143) | about 7 years ago | (#21014515)

I think making it easier for victims to go after the companies/organizations/government that held the data that was stolen would also be appropriate. Rather than mandating what a company has to do to keep your data secure, if you make it easy for a victim of identity theft to sue an organization for leaking that data then we'll see good data protection policies. For example, if you mandate that a company has to use encryption for personal data, then they will use it, but if the data is leaked anyway for whatever reason, they can say "We used encryption" and be absolved of the matter. However, if you make it easy for a victim to go after the leaky org, they will be much more likely to delete personal information that isn't absolutely critical. You can't leak data you don't have. But if they deem that data important enough they will be doing a lot more to prevent data leaks. Perhaps they'll use stronger keys, not allow the data to be on laptops, take the data off the internet if possible, not share that data with their "affiliates," etc.

Re:New laws really necessary? (1, Insightful)

Anonymous Coward | about 7 years ago | (#21014759)

Notably absent (based on my reading of the superficial article) is any provision that would formalize a victim's right to seek damages from either the credit reporting agencies or the credit issuers.

It's basically useless to try to get money from the criminals themselves since they're unlikely to have much to begin with and will likely spend anything they do have trying to defend themselves. It would be much more useful to be able to go after the businesses that can make it more difficult to commit identity theft. If they were partially responsible for the damages done by identity theft, there's a much greater chance that we'd see improved practices and security in the credit issuing industry.

Illegal, but not as recoupable (1)

phorm (591458) | about 7 years ago | (#21014511)

Forbid yes, get your cash back, no. Although technically you could sue them in claims court, perhaps this will make the process a bit smoother for the victim(s).

Personally, I'd like to see something that not only makes the identity-thieves culpable, but the companies that have allowed such identity theft to occur due to improper handling of sensitive private information...

Usually (3, Interesting)

evanbd (210358) | about 7 years ago | (#21013845)

My usual reaction to identity theft laws is "Aren't existing fraud laws sufficient?"

At least at first glance, however, this bill seems to be doing more, and doing it in a useful manner -- not solely a "well, let's make it more illegal!" type of bill.

Re:Usually (3, Informative)

vertinox (846076) | about 7 years ago | (#21014507)

My usual reaction to identity theft laws is "Aren't existing fraud laws sufficient?"

No. But its not the identity thieves the laws should target (because its hard to track them down) but the credit companies and the companies that accept fraudulent credit.

Simply letting someone ruin another persons life with a birthday and a social security number is a horrid method for identification. It really needs to stop and there should be recourse for identity theft victims to go after credit companies who allowed such a transaction to happen.

Of course these credit companies are the ones trying to make a buck by offering "protection" services when they are the ones who let these transactions happen with little background checking.

Re:Usually (1)

DeadManCoding (961283) | about 7 years ago | (#21015557)

Mod parent up! Ever since the inception of the current administration, I've been very leary of any new tech related legislation. However, I'm in total agreement with this. As many others have noted, about time!!

why can't we get what the RIAA gets? (3, Insightful)

User 956 (568564) | about 7 years ago | (#21013847)

a bill introduced into Congress that would allow citizens who have been victimized by identity theft to seek repayment for the money and time spent repairing their credit history.

If they set the damage levels anything near what the RIAA got in their last downloading lawsuit, that would put the brakes on ID theft right quick.

Re:why can't we get what the RIAA gets? (3, Insightful)

neil-ngc (1019290) | about 7 years ago | (#21013979)

We shouldn't. Really, the correct response to unreasonable copensation on a pro-rich people law is to fix the bad law, not right equally unreasonable payouts into a pro-average joe law. A law that makes it easier for victims to fix things up and get compensation for their losses and time is reasonable. Even some modest punitive damages are reasonable. But stupid sized compensations like those under the DMCA just give the green light to write more laws with stupid compensation levels, and you may not like the next one.

Re:why can't we get what the RIAA gets? (2, Interesting)

orclevegam (940336) | about 7 years ago | (#21014025)

If they set the damage levels anything near what the RIAA got in their last downloading lawsuit, that would put the brakes on ID theft right quick.

Oh yes, because those Chinese, Russians, and others located outside the US are so mortally afraid of being sued for a hojillion dollars. The one good thing this law is doing is allowing the victim to recoup some of the loss, and maybe might act as incentive for the credit card companies to actually do something to reduce identity theft. The problem till now is it was always the victims eating the costs of identity theft, not the credit card and credit reporting agencies.

Re:why can't we get what the RIAA gets? (1)

arivanov (12034) | about 7 years ago | (#21014157)

Can't quite see your point.

They cannot apply for a mortgage or loan in an American's name while in China.

Russian or Chinese steal your DATA, not your identity. This DATA may be used to steal your identity later on. In order to do so, the criminal has to be in the same country as the victim. Otherwise he cannot draw benefits or apply for a loan. As a result, the person committing the actual felony of identity theft is usually a national or permanent resident.

Totally legal international business wants YOU! (0)

Anonymous Coward | about 7 years ago | (#21014619)

Totally legal international companies recruiting for intelligent employees with no investment needed? Maybe you haven't noticed half the spam these days are from these guys.

That is how they use your credit cards, buying goods to ship to recruited forwarders to send the purchased goods out of the country and take the fall. Almost all credit fraud is in this form. It is tons of small value frauds supporting foreign black markets.

No one takes a mortgage on your credit, that is stupid and easily discovered/stopped. Buying cars only works once and is usually a quick way to get regular cops to go after the guy for grand theft, not the 2.5 FBI agents actually working credit fraud. Most of that is just crap credit rating companies made up to scare you into paying them not to give out your info.

The biggest scare is dumb criminals pretending to be you, but that is rare these days as it isn't that profitable. People filling out credit cards in your name happens, but that can occur without SSN or any checks and usually once reported goes away from your credit and the card company takes the hit.

Re:Totally legal international business wants YOU! (1)

arivanov (12034) | about 7 years ago | (#21014857)

I have noted the SPAM, but I have yet to see how they can do any of that without your (or other person in-country) cooperation. The most common use for this ruse is using stolen data or credentials to transfer all the money to the account in control of the person who has fallen for the "investment" ruse and from there push it out of the country. Considering that most consumers are currently way into the red ink and have very little in the way of cash in their accounts you cannot really make a killing by plundering their accounts this way. A thousand here or a thousand there and this is about it.

You have to dip into their credit. In order to do that you have to pretend being them. Hence, I think my point is still valid. In order to steal an identity you have to be in the country. All the stuff you can do from outside the country is small change and does not get past the credit card processor/bank/insurance stage.

Re:why can't we get what the RIAA gets? (1)

sumdumass (711423) | about 7 years ago | (#21014413)

What makes you think that? Most people, just like the defendant in the last RIAA case will never have the money to pay it. At most they will make payments but lets face it, unless your skilled in an area in need of qualified employees, your not really going to be getting good paying jobs with a theft related felony on your record.

And if you could get a job paying the bills, how much extra do you think you might have or worse yet, how long would you keep the job if they kept putting you back in jail for not paying the fines/restitution?

I have a motorcycle stolen once. The thief was order to pay damages to the bike and all tow bills, impound fees ect. I never saw a dime of it. After he was released on parole, I went to his PO officer to find out were he was working and I had his wages garnished. This caused him to not be able to afford the rent, he was evicted and his PO officer put him back in jail for another year. I still never saw anything because what was taken from his check ended up going to his landlord instead of me for some reason. The state kept his tax returns (both state and federal) to pay for his imprisonment. He got out again, This time I sent a lawyer to negotiate weekly payments he could afford but after fines and all that he had to pay to stay out of jail, he supposedly could only afford something like $1.50 a week. And that was using some support calculator that the court normally accepted. I was advised to eat the costs and drop it. Of course this went on for like 6 or 7 years later so I already ate the costs.

Re:why can't we get what the RIAA gets? (1)

mpapet (761907) | about 7 years ago | (#21015065)

What puts the brakes on ID theft is implementing EMV. Most of the laws like this one simply protect the card association bank fraud revenues.

The cost of a fraudulent transaction is shifted to the merchant -plus- penalties. The association banks generate good (but not too much) fraud and "credit protection services" revenue. That's how they can afford gigantic advertising budgets. http://www.mind-advertising.com/us/visa_us.htm [mind-advertising.com]

The EMV standard practically eliminates fraud and is in use in many industrialized nations on a massive scale. Someone should ask the U.S. banks why they won't implement it.

Instead, we get ridiculous bills like this.

Where have I heard "damage computers" before... (3, Insightful)

HTH NE1 (675604) | about 7 years ago | (#21013881)

make it a felony to use spyware or keyloggers to damage 10 or more computers;
Expect an exception amendment to the bill on behalf of the RIAA, MPAA, BSA, etc. from Senator Orrin Hatch to try granting themselves immunity again.

Re:Where have I heard "damage computers" before... (1)

Dachannien (617929) | about 7 years ago | (#21014707)

Also, expect Berman and Coble to take care of business (literally) in the House if the Mafiaa can't ramrod it through in the Senate.

Why ten? (1)

kilo_foxtrot84 (1016017) | about 7 years ago | (#21013927)

What's the rationale behind having ten computers be the felony limit? Why not seven, or five?

Re:Why ten? (4, Funny)

pintpusher (854001) | about 7 years ago | (#21014049)

It should be 10 computers, as in one more than 1 computer.

Re:Why ten? (1)

BadMrMojo (767184) | about 7 years ago | (#21014251)

Thieves who have to count out victims on their fingers are assumed to be a bit slower and, therefore, much less dangerous.

(Ok, so it was a poor attempt after the binary reply above but that's a tough act to follow.)

Re:Why ten? (1)

kilo_foxtrot84 (1016017) | about 7 years ago | (#21014533)

(Ok, so it was a poor attempt after the binary reply above but that's a tough act to follow.)
My original thought was something about cat macros and nine lives, so I'm definitely not going to cast any blame your way. :-P

Re:Why ten? (1, Insightful)

Anonymous Coward | about 7 years ago | (#21014477)

For similar reasons to why e.g. a tax law may reduce the tax rates on investments held for 7 years, rather than 5 or 10 - they have to pick a number that's going to be in aggregate the most right and the least wrong. Being a convicted felon is a fairly serious thing, isn't it so in the US that you lose your right to vote, and get banned from a number of jobs? I'd saying having it a felony by itself to install a keylogger on one computer is as draconian as the total sum from the RIAA lawsuit, but clearly doing it on 30 or 40 computers might not be. Ten seems to be a number that they feel hurts when it should hurt.

This is a step in the right direction (1)

CaptainPatent (1087643) | about 7 years ago | (#21013931)

I'm sure there's a heavy following on /. for online MMORPGs where goods can be purchased from an online store for real money. There has always been a huge amount of credit card fraud occurring because there is no physical location ever divulged in order to gain access to these goods. Everything is strictly online. The problem is many people would run up a debt on a stolen credit card of (literally) $4990 and move on to the next card. With this bill, people like that would be prosecutable.

I think this is a step in the right direction for a more internet-oriented society.

The nature of the identity theft crime... (2, Interesting)

Bill the Cat (19523) | about 7 years ago | (#21013949)

...cries out for an approach similar to the combating of piracy back in the 1700 and 1800's, eg) issues of letters of marque, allowing private citizens to capture or do damage to the criminals.

Re:The nature of the identity theft crime... (2, Interesting)

kilo_foxtrot84 (1016017) | about 7 years ago | (#21014107)

...until the system is abused. Actually, a quick check shows that the US Congress is empowered by the Constitution to issue letters of marque to private citizens. I wonder if they're issued all that often now...

Re:The nature of the identity theft crime... (2, Insightful)

firecowboy (931129) | about 7 years ago | (#21014487)

Blackwater USA

Now if only... (4, Insightful)

InvisblePinkUnicorn (1126837) | about 7 years ago | (#21013965)

Now if only the penalties for stealing a person's identity, money, and ruining their credit history for years could match the penalty for having a certain flowering plant in your pocket, maybe the court system wouldn't be such a joke.

Bill Number (1)

andphi (899406) | about 7 years ago | (#21013999)

Does anyone know the name or number of the bill in question?

The nearest match I can find on thomas.gov: http://www.thomas.gov/cgi-bin/bdquery/z?d110:s.01178 [thomas.gov] : seems to date back to February, whereas the News.com story implies that the Bill was introduced on Oct 16.

Bill Number (110) S.2168 (2, Informative)

megaditto (982598) | about 7 years ago | (#21014499)

Leahy did release the PR blurb on it, but the full text is kept secret of course (Dems want to get paid too)

Track the bill here: http://www.govtrack.us/congress/bill.xpd?bill=s110-2168 [govtrack.us]

Rejected... (1, Funny)

InvisblePinkUnicorn (1126837) | about 7 years ago | (#21014013)

The article continues: "The USPTO immediately rejected Mr. Leahy's proposal as obvious."

Years too late (5, Insightful)

angryrobot (223166) | about 7 years ago | (#21014021)

I was the victim of identity theft about 6 years ago. It took me literally 2 years to clear my name. That's 2 years of making long distance phone calls, tracking down the right people, emailing, photocopying birth certificates and licenses, making police reports, etc, etc. All the while I was looked at with suspicion and I basically had to prove my innocence!

Whose fault was it that my identity was stolen? That would be the credit bureaus and the credit card companies that allowed it to happen, not me. It is their system that is at fault for allowing people to steal identities so easily. So why am I responsible to clean up their mess? If I have marks on my credit report, I should be able to tell the bureaus and that should be the end of it. I think restitution is the least they can do.

Re:Years too late (4, Insightful)

jav1231 (539129) | about 7 years ago | (#21014213)

Agreed. I can't for the life of me understand why when ID theft is identified your credit score isn't immediately returned to the state it was in on the date the theft is pinpointed. THAT should be in this bill.

Re:Years too late (1)

gillbates (106458) | about 7 years ago | (#21014497)

I can't help but wonder if a notarized letter stating something to the effect of, " Failure on your part to accurately verify the identity of the participant in a financial transaction does not incur a liability on my part. However unfortunate your loss, it was not caused by me, and I will not be held liable for it. Subsequent attempts to contact me on this matter will be ignored. " would work.

I'm pretty sure you could turn it into a form letter, and send it to any debtors you didn't recognize.

Re:Years too late (1)

Tacvek (948259) | about 7 years ago | (#21015439)

I can't help but wonder if a notarized letter stating something to the effect of, " Failure on your part to accurately verify the identity of the participant in a financial transaction does not incur a liability on my part. However unfortunate your loss, it was not caused by me, and I will not be held liable for it. Subsequent attempts to contact me on this matter will be ignored. " would work.

I'm pretty sure you could turn it into a form letter, and send it to any debtors you didn't recognize.

That might have some impact, but remember that unless you can convince the credit reporting agencies that those debts should be removed from your credit history as they were not really your liability, you will still be impacted. And the credit reporting agencies will be very reluctant to remove items for that reason, or otherwise people will attempt to remove from their records cases in which they really did default on a loan, by claiming it was identity theft.

Re:Years too late (1)

Notquitecajun (1073646) | about 7 years ago | (#21014637)

As much as it sucks for your situation, and should probably be made easier, it shouldn't be as easy as you state. I work in the collection industry, and ALL the time we have people telling us over the phone that it was fraud and they never do anything about it...mostly because it isn't fraud. True, the system steps on honest people, but if the system were made as easy as you say, it would make it far too easy for people to game the system and get out of paying what they owe.

Re:Years too late (0)

Anonymous Coward | about 7 years ago | (#21015383)

How about the industry actually try to IDENTIFY who they gave the shit to in the first place instead of calling everyone a liar?

Re:Years too late (1)

vertinox (846076) | about 7 years ago | (#21014731)

Whose fault was it that my identity was stolen?

I haven't ever been a victim of identify theft, but I wouldn't be surprised if one day I would even though I guard all my personal information like a rabid pit pull and shred all my mail.

The simple fact that most credit companies only need a birthday and a social security number is what drives me mad, because I'm asked by everyone for both in casual situations.

I bought a new cell phone the other day and it required me giving my Social over to the sales person even though I already had an account with them. She even wrote it down on a scrap piece of paper when she was calling the order it to remember it. I had to ask her at the end of the transaction to have the piece of paper back. I don't think she was stealing but rather it was careless behavior and if someone else grabbed that paper I would have been up the creek.

The whole system needs a password system that is only known by the person themselves and no one else. With a SS number its all over the place and its not too hard to get with enough effort.

Re:Years too late (1)

QuantumRiff (120817) | about 7 years ago | (#21015219)

The whole thing I can't understand is why its your fault, and not the company that doesn't verify your identity? IE, why is it MY responsibility to prove that YOU screwed up? Why isn't it Your responsibility to ensure that your customer is, in fact, your customer?

This is about time (1)

Seismologist (617169) | about 7 years ago | (#21014059)

We'll see if this goes trough. I can assume the this credit rating amendment process, CRAP to be short, will likely die a quick death in congress. I mean, why should "you", of all people, be able to easily challenge the accuracy of "your" personal information that three corporations maintain on you without your consent to begin with really. I'm sure, in America at least, that if you arbitrarily started compiling information on addresses, and names of your neighbors for example and where they shopped etc., and if this came to light, you'd be quickly found to be facing jail time. But this is what the credit rating agencies does to everyone in America unless you opt out. Even if you "opt out", you still "not out" per say as a file is still maintained on you.

This is the WRONG approach (5, Insightful)

erroneus (253617) | about 7 years ago | (#21014095)

The real problem is that, as very well predicted, the use of social security numbers for anything other than social security will lead to all sorts of problems. The fact that a person's identity is essentially just this number and that the credit game has become an entrenched part of commerce and culture, they [the people behind the illegal use of social security numbers -- yes, it's illegal -- law was written to prevent this and everyone, including and especially the IRS has ignored it] have created a situation for which "they" should be held liable. Instead, they create the mess and we are somehow responsible for cleaning up the messes. And now with bills like this, the idea that "we" are responsible for when THEIR credit and identity systems are abused and used against us... that "we" can somehow prevent it from happening and it's our responsibility.

The abuse of SSNs and the credit system at large needs to be dismantled or severely reformed in such a way that the creators of the problem are liable for the problems it causes. As it stands, they can buy and sell "your information" because it's not your data... it's theirs... they collected it! But when it's abused and affects your life, YOU are responsible. How is that appropriate? NO. This bill is VERY wrong. The bill should assign liability to the parties responsible for creating the mess. This is just further effort to assign the liability of the SSN and credit industry to people who may not even be willing participants!

Re:This is the WRONG approach (1)

Hoplite3 (671379) | about 7 years ago | (#21014517)

I agree very much that the SSN as an identifier is silly.

The bill that needs to happen would be one that makes the credit agency (Visa, the mortgage company, etc) who gave credit to the identity thief liable for their actions. This bill puts more liability on the thief, but does little to encourage Visa et al. to use a secure method of identification. Public key exists and is reasonably secure. If the credit card companies could be arsed to use it, we could be free of identity theft.

Re:This is the WRONG approach (1)

archen (447353) | about 7 years ago | (#21014777)

Unfortunately I don't think the way the current system works would allow for dismantling the way the credit system works. Essentially the entire credit system hinges on risk assessment, and the only way to asses that risk with any amount of accuracy is to pool together the different resources a person is involved with, ala - the infamous "credit score". With no way to know what person is more risky than the next we get a more universal spread which tends to punish people with good credit, and reward those without good credit.

I can't say I disagree with you, just that it seems sort of puzzling how society actually got to this point where we have this linchpin concept of 'identity', yet no real way to protect it. And the only reason that 'identity' even matters is because of things like insurance, credit, and so forth - risk assessment. I guess now that I think about it, I wonder if a solution wouldn't be to punish the credit card company for identity theft. That gives them two options. Either take better precautions against it, or stop utilizing that information at all.

Re:This is the WRONG approach (1)

erroneus (253617) | about 7 years ago | (#21015317)

I guess now that I think about it, I wonder if a solution wouldn't be to punish the credit card company for identity theft. That gives them two options. Either take better precautions against it, or stop utilizing that information at all.

That's what I was driving at and that would be the simple and logical solution. But there are many who TRULY believe that business interests are more important than individual interests. They have their simple, easy and convenient method... they bought it and worked over the years to get where they are today. How was it done in years past? By meeting people, letter of recommendation... there was a reason people used to get dressed up in their "Sunday Best" when going to the bank to ask for a loan. But the way things USED to work for them was cumbersome, slow, and worst of all, had too much of a human element involved.

What I find to be refreshing, however, is the growing trend of moving to a credit-free lifestyle. The only things I would consider buying on credit are the more traditional things like houses and real estate. For just about everything else, I'm very reluctant and so are a growing number of enlightened people.

that'll stop 'em (0)

Anonymous Coward | about 7 years ago | (#21014141)

When some lowlife blows out my credit card, sells the stuff for cash, then blows it all on drugs and hookers. I'm sure I'll get lots of restitution from the scumbag.

Yeah baby.

Why do credit bureaus even exist? (1)

svendsen (1029716) | about 7 years ago | (#21014249)

Why do these bureaus exist? They aren't a govt agency, they have no over site, their scoring methods are unknown (I would love to see if race played a factor in them..talk about a law suit), you have to pay them to freeze your account (not the 90 day one), pay to unfreeze them, and every business now feels entitled to use them when seeing if they want to provide you service you are going to pay for (cable company does not need my SSN and pull a credit report), and if they fuck up...guess what...you have to pay to fix everything.

What should be done is have one govt run credit agency, disband the private 3, and only allow the use of it for when loans are made (gee go figure huh). And maybe...JUST MAYBE...have some safe guards in place to prevent identity theft...cause they aren't there now.

Back at my days at GE Credit Card services an individual thought they were in a test system when doing some credit card processing testing for a 3rd party corporation. They used Hilary Clinton's name and address for a testing person. Turns out he was in a production system and it tried to pull her report. Within an hour FBI showed up in full force. Too bad the average American doesn;t have the same protection.

Most of your assertions are wrong (1)

SIIHP (1128921) | about 7 years ago | (#21014525)

"Why do these bureaus exist?"

Because some people are scumbags and there's a market for it.

"they have no over site"

Or maybe they do...

http://en.wikipedia.org/wiki/Consumer_credit_reporting_agency [wikipedia.org]

"In the United States, key credit bureau consumer protections and general rules or governing guidelines for both the credit bureaus and data furnishers are: FCRA - Federal Fair Credit Reporting Act, FACTA - The Fair and Accurate Credit Transactions Act, FCBA - Fair Credit Billing Act, and Regulation B. Two government bodies share responsibility for the oversight, and accuracy of credit bureau data. The FTC - Federal Trade Commission has oversight for the consumer credit bureaus. The OCC - Office of the Comptroller of the Currency charters, regulates, and supervises all national banks which includes with regard to credit bureau reporting."

"their scoring methods are unknown"

Or maybe they aren't unknown, you just didn't search long enough (like the 2 minutes it took me)

http://askville.amazon.com/FICO-scoring-method-works/AnswerViewer.do?requestId=735527 [amazon.com]

Re:Most of your assertions are wrong (1)

svendsen (1029716) | about 7 years ago | (#21014615)

I didnt know about the oversite...

However your link to the how they calculate your credit score is the generic here is what they say. I was referring to the actually formula they use to determine the score (actually both since not all 3 of the credit bureaus use the same scoring system).

So tell me where can I find the exact formula that shows how my credit score is determined? You can't. The formula needs to be public. Cause without the ability to actually SEE the formula we have no idea how they actually get to the score. Just this vague hand waiving.

Re:Most of your assertions are wrong (1)

SIIHP (1128921) | about 7 years ago | (#21014845)

"I was referring to the actually formula they use to determine the score (actually both since not all 3 of the credit bureaus use the same scoring system)."

Read the whole link.

"So tell me where can I find the exact formula that shows how my credit score is determined?"

R-E-A-D T-H-E W-H-O-L-E L-I-N-K. Had you done so, you'd have seen this part

"FICO scores have different names at each of the credit reporting agencies. All of these scores, however, are developed using the same methods by Fair Isaac, and have been rigorously tested to ensure they provide the most accurate picture of credit risk possible using credit report data."

You got what you wanted, you just didn't bother to look for it even after I gave you a link and a FAQ to prevent you from making another mistake.

Re:Most of your assertions are wrong (1)

svendsen (1029716) | about 7 years ago | (#21015229)

I did read the whole link...and googled fair Isaac and guess? Ready for it? You can not find the mathematical formula they use. It is a trade secret they have never released. I don;t care about the break down percentages I want (and the public DESERVES) to know the formula AND any modifications to the formula the credit that a credit bureau has done to it. Else no matter what they say to us (35% is from XYZ, 30% is from BCA) we really have no idea.

Wrong (1)

SIIHP (1128921) | about 7 years ago | (#21015481)

"I don;t care about the break down percentages I want (and the public DESERVES) to know the formula "

WHAT DO YOU THINK I GAVE YOU?

Crap guy, you're acting like that information isn't in the link I gave, you, which, since it is, makes me wondering why I'm wasting time with someone who has obvious reading comprehension problems.

Listen, you claimed a bunch of things that were bullshit, and then after I told you, claimed some other things that were bullshit, and now you're claiming yet MORE things that are bullshit.

I found what you were looking for in 2 minutes. And no, I don't mean my link.

Re:Wrong (1)

svendsen (1029716) | about 7 years ago | (#21015605)

Sorry you are full of it. I read your link over and over just to be sure. It gives breakdown of categories and percentages that is it. A formula would be X= Y +Z / (A * B). Which even when googling does not show.

For example Payment history category (35% of the total score) has seven sub categories to it. What are the weights of each one? How do they get the number for each one. How do the 7 sub categories come together to give you that 35%? I don;t see a single FORMULA on that page.

Are you not getting what I am asking for? Perhaps you are having a trolling day and I have fallen for it...

Leahy-Specter bloviating (1)

michaelmalak (91262) | about 7 years ago | (#21014275)

We don't need more laws, just enforcement. Identity theft almost always crosses state lines, which means the FBI has to be involved, and they don't care about cases less than $25,000 or so.

If there is to be a new law, it should be that the credit reporting agencies should pony up into a fund for the FBI so that they can enforce existing laws. It's the credit reporting agencies that are slandering us consumers based on false information, but they get off scot-free due to laws protecting them.

Re:Leahy-Specter bloviating (1)

kilo_foxtrot84 (1016017) | about 7 years ago | (#21014735)

credit reporting agencies should pony up into a fund for the FBI so that they can enforce existing laws
Perhaps I'm misinformed, but I thought that's what we pay taxes for.

Re:Leahy-Specter bloviating (1)

michaelmalak (91262) | about 7 years ago | (#21015331)

Perhaps I'm misinformed, but I thought that's what we pay taxes for.
Sadly, yes that's generally what taxes are for. User fees are better at keeping taxes down than just paying for everything out of a general fund. The credit reporting agencies get special protection by the Fair Credit Reporting Act from lawsuits by consumers over false information, and they should pay for the privilege.

Wouldn't it be nice (1)

Evets (629327) | about 7 years ago | (#21014379)

Wouldn't it be nice if they came up with a law that ordered the credit reporting agency's to correct an identity theft victim's credit report data in a timely manner? Or maybe mandated a level of service beyond "send us a certified letter and we'll get back to you within 4 weeks and whatever we say then is final - but don't make the letter any longer than 65 words or we won't read it"

Can we sue the credit reporting agencies? (5, Interesting)

140Mandak262Jamuna (970587) | about 7 years ago | (#21014387)

For slander or defamation?

Basically, someone impersonates me. Some bank/merchant/credit card company extends credit without verification. The impersonator defaults. They report me as the deadbeat. That is the scenario. The creditor who mistakenly reported me should be liable for slander. The credit reporting agencies should be considered accessory after the fact. So the real culprits are the people who extend credit without verification and people who report me as a deadbeat without justification. Normally if they have to face full consequences of their action, they will clean up their act and we would not need any special laws for identity theft.

But congress in its infinite stupidity holds the impersonator the responsible for my ruined reputation. The impersonator is liable for lying, cheating, committing forgery and is responsible for all the damage caused to the credulous creditor. And if they call me a deadbeat without proper verification whoever reported me as the deadbeat is responsible for the damage caused to my good name.

As usual it is a credit reporting agency liability protection act being sold to the public as an anti-ID theft law.

Re:Can we sue the credit reporting agencies? (3, Insightful)

jfengel (409917) | about 7 years ago | (#21014819)

I believe they don't want to push it too hard because easy credit is an important driver in the economy. They give you easy credit, you buy houses and cars and stuff on credit cards, and lots of people get jobs selling you those things.

There's the fact that they make it too easy for people to buy stuff without realizing that they have to pay it back, but it's kind of a separate issue. If they erred on the side of security, the economy would slow drastically. You'd need an economist (which I am not) to run all the numbers, but basically the assertion is that the amount of fraud does less damage to the economy than the good done by easy credit.

What we really need is to make it easy to get credit if you qualify and not if you don't, which means forcing the credit providers to come up with a better mechanism for verifying identity than they're currently using (which is essentially none at all). There are difficulties there with civil liberties, as well as the fact that if you put more faith in a better authentication mechanism you suffer even more when it's broken (and there are no unbreakable authentication mechanisms).

Plus, there's the fact that the credit providers are personally profiting from the current rules. Which means it would be up to government to mandate a better scheme, which (a) they would do badly, like those idiotic RFID passports, and (b) would certainly set records for new forms of civil liberties violations.

Re:Can we sue the credit reporting agencies? (1)

Creepy Crawler (680178) | about 7 years ago | (#21014885)

If the creditors cared about slowing fraud, they'd make every credit app require signing by a notary public.

What exactly are notary publics there for, if not document security? There here for a reason. Use em!

Re:Can we sue the credit reporting agencies? (1)

Creepy Crawler (680178) | about 7 years ago | (#21014821)

To your knowledge, has anybody tried to sue the Big 4 (was 3..) for defamation of name in identity theft cases?

Forget restitution... (1)

drunken_boxer777 (985820) | about 7 years ago | (#21014471)

If I had my identity stolen, I'd just want 10 minutes alone in a locked room with the bastard. I'm pretty sure I could give him hospital bills equaling my losses in time and money. He might've ruined my credit, but I'd ruin his ability to walk.

Re:Forget restitution... (1)

kalirion (728907) | about 7 years ago | (#21014611)

If I had my identity stolen, I'd just want 10 minutes alone in a locked room with the bastard. I'm pretty sure I could give him hospital bills equaling my losses in time and money. He might've ruined my credit, but I'd ruin his ability to walk.

Are you so sure you won't turn out to be the one with the hospital bills. Might want to add a clause requiring him/her to be tied up.

Re:Forget restitution... (1)

drunken_boxer777 (985820) | about 7 years ago | (#21015161)

Of course I am sure. This is the internet. If I say that I am a 6'6" 230-pound ex-Navy Seal who professionally fights in "the Octagon", then it must be true! Do you really want to find out? ;)

Law has it backwards (0)

gurps_npc (621217) | about 7 years ago | (#21014483)

What is SHOULD do is:

1. Allow the victim to easily establish a date of first victim hood and change his name.

2. Start new credit history using everything pre-date.

3. Prevent any mention of his old name for anything that happened post date from being connected to his new name.

THAT would be a real help. Money from thieves is not a reasonable idea. If they had money most would not be stealing, and any remaining assets will certainly be eaten up by court costs.

wow (2, Insightful)

valkabo (840034) | about 7 years ago | (#21014555)

Did we step in Bizzaro slashdot where we don't see how abused this will be??

make it a felony to use spyware or keyloggers to damage 10 or more computers
So basically, I am a felon about 30 times over because of work. Also, how long before installing kazaa becomes a felony because of its loaded spyware? Think about it.

So...who will actually pay?? (0, Flamebait)

moracity (925736) | about 7 years ago | (#21014769)

This is more waste of Congressional salaries. Who ya gonna sue?? Like the person who stole your ID is going to have any assets. This is just another way to line the pockets of ambulance chasers. The lawyers will get YOUR money and you get SQUAT in return. This is a joke, just like most civil suits are. You may get a judgement, but you'll never see a penny. The only people making money here are lawyers.

Re:So...who will actually pay?? (1)

edraven (45764) | about 7 years ago | (#21014965)

I could be crazy, but I have a feeling that identity thieves often operate for profit.

Now the hard part ... (0, Offtopic)

morphiussys (1017948) | about 7 years ago | (#21014971)

Now the hard part. Getting it to pass with minimal pork. HR 676 (National Health Care) has been introduced in 108, 109, and 110, but never really got anywhere. We can only hope it will get somewhere.

Restitution from ... who? (1)

OldHawk777 (19923) | about 7 years ago | (#21015399)

AFT: Bill to Allow ID Theft Restitution, could be vetoed by our master POTUS.

A bill introduced into Congress (has it passed?) that would allow citizens who have been victimized by identity theft to seek repayment for the money and time spent repairing their credit history.

The real question can we seek restitution from the financial/business institutions that so irresponsibly allowed the identity theft?

Partners in the ID theft crime ... Government, Military, Banks, Credit companies, auto, and large/expensive products retail businesses all do a credit check and provide the base-requirements for the identity theft to the criminals/organizations, veterans information was provided by the VA, anyone over 20yo your SSN has been circulating in the cyber-criminal/cracker domain for for more than a decade (same for most under 20yo).

Any one of the legit-partners in the crime could have prevented the crime from occurring. Our houses, cars, businesses we use locks and alarms for protection, and then purchase insurance for further financial protection. This was not done in any way that protected the tax paying citizens and bill paying customers.

A credit company could call my same home phone number they have on file for the last 15 years, but that would have slowed business and lost sales. The ID data, required for transactions, prior to sharing/providing to any businesses sould have been asked to eConfirm state business license or federal export license legitimacy. The current commercial on TV about ID theft $1M insurance is a business created by the partners in crime more than the criminals. So, much could be done by Government and Businesses to prevent identity theft, but all I have seen is a criminal and/or political fraud shill-game on US Citizens.

Anyway, if the law protects the partners-in-crime businesses and government institutions from paying restitution, then we are back at FUS Citizens, because you can never get blood out of a turnip (IOW: Who has the money for restitution? It is a rhetorical?)

Anyway, be sure to include the businesses/banks/government in the lawsuit as the ID thief's partners-in-crime, or you will just be throwing more of your money in an empty hole with no chance of any real restitution. If you don't know how "no restitution" feels, well ask any street corner male/female hooker how it feels to get no restitution for hard-luck services rendered.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?