[Congressional Record Volume 153, Number 64 (Friday, April 20, 2007)]
[Senate]
[Pages S4812-S4813]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

      By Mr. INOUYE (for himself, Mr. Stevens, Mr. Pryor, and Mr. 
        Smith):
  S. 1178. A bill to strengthen data protection and safeguards, require 
data breach notification, and further prevent identity theft; to the 
Committee on Commerce, Science, and Transportation.
  Mr. INOUYE. Mr. President, I rise today to introduce the Identity 
Theft

[[Page S4813]]

Prevention Act of 2007 with my colleagues Senator Stevens and Senator 
Pryor to protect Americans from identity theft.
  The recent breaches of security that led to the loss of sensitive 
personal information remind all of us how vulnerable we are to thieves 
stealing our identity for criminal purposes. Identity theft is a 
growing threat to our personal security that must be met with new 
tactics and new laws in the information age.
  We in the Congress and every consumer in America have seen the 
evolution of identity theft. The moment of greatest awareness was in 
February 2005 when ChoicePoint notified more than 145,000 people that 
their personal data had been accessed by unauthorized persons who used 
some of the information for identity theft. ChoicePoint was required to 
make these contacts under the California notification law, but this 
incident had nationwide effects. Since then, a number of data brokers, 
banks, universities and other entities that hold personal information 
have notified individuals that their personal information may have been 
compromised. The last major breach was made public in January 2007, 
when T.J. Maxx announced it had discovered a breach in the security of 
its customer payment data. As a result of hacker activity starting in 
2005, information on more than 45 million credit and debit cards had 
been stolen.
  The need to address this problem is long overdue. Every business that 
collects and stores sensitive personal information must ensure that the 
information is safeguarded. If a security breach occurs and the 
information could be used for identity theft, every affected consumer 
needs to be notified as soon as possible so they can best protect 
themselves and their families. The Identity Theft Prevention Act 
provides the Federal Trade Commission new enforcement tools to ensure 
businesses that hold a consumer's sensitive personal information use 
vigorous safeguards to prevent breaches from happening. The Act also 
requires businesses to appropriately notify consumers if their 
information is improperly released and could lead to identity theft. In 
addition, the Identity Theft Prevention Act provides consumers the 
ability to place a security freeze on their credit reports, so if they 
choose, they can eliminate the worry and the impact of an identity 
thief opening new lines of credit from stolen information.
  Americans have demanded better protection for their sensitive 
personal information, and it is imperative that we respond to these 
demands effectively and expeditiously. I look forward to working with 
the other Members of the Senate to move this legislation forward.
                                 ______