[Congressional Record Volume 147, Number 49 (Thursday, April 5, 2001)]
[Extensions of Remarks]
[Pages E564-E565]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




          INTRODUCTION OF THE PERSONAL INFORMATION PRIVACY ACT

                                 ______
                                 

                         HON. GERALD D. KLECZKA

                              of wisconsin

                    in the house of representatives

                        Wednesday, April 4, 2001

  Mr. KLECZKA. Mr. Speaker, I rise today to reintroduce legislation, 
the Personal Information Privacy Act (PIPA), that safeguards consumers' 
personal privacy by giving them the ability to protect personal 
information from being bought and sold by third parties.
  This bill would restore consumer control over personal information by 
requiring that a

[[Page E565]]

third party obtain consent from an individual before making commercial 
use of that person's Social Security number (SSN). In fact, any non-
criminal use not explicitly allowed by law would face this restriction, 
including the growing commercial use of SSNs as personal identifiers by 
various businesses.
  Social Security numbers have become our default identifiers for many 
businesses, and thereby the key to much of our most personal 
information. That has to stop. As identity theft and fraud increases, 
action must be taken to ensure that this personal information remains 
private.
  Under my legislation, refusing to sell services or goods to consumers 
who choose not to furnish their SSN would be illegal under the Federal 
Trade Commission Act, and businesses would be liable for up to $10,000 
in fines per violation for committing unfair or deceptive business 
practices. Credit bureaus would also be prevented from giving out SSNs 
without a person's consent. PIPA would amend the Fair Credit Reporting 
Act and the Social Security Act to authorize civil penalties for 
privacy violations ranging from $25,000 to $500,000.
  Information on products or services bought by an individual and from 
where they were purchased--also known as transaction histories--could 
not be sold or transferred for marketing purposes unless a consumer 
gives written consent.
  We take for granted that our personal information is private. 
Unfortunately, that's not the case. We must take action to guard access 
to our personal information because it's not a commodity to be bought 
or sold. We as consumers should have the final say over how that 
information can be used, not some marketing firm.
  I first introduced PIPA in the 105th Congress, but this version of 
the bill is slightly different than last session's because two of the 
bill's components have been enacted into law. As part of the FY 2000 
Transportation Appropriations bill, state DMVs are now prohibited from 
releasing highly restricted personal information without a person's 
consent. The law now defines SSNs and photographs as ``highly personal 
information'' and requires a person's consent for disclosure by DMVs.
  This is a great start, but there's a lot more to be done. We must 
curb the rampant use of SSNs as personal identifiers. This bill is an 
important step toward more complete personal privacy protection. I urge 
my colleagues to support this important legislation.

                          ____________________