[Congressional Record Volume 153, Number 175 (Tuesday, November 13, 2007)]
[Senate]
[Pages S14275-S14276]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




             IDENTITY THEFT ENFORCEMENT AND RESTITUTION ACT

  Mr. LEAHY. Mr. President, I am disappointed that some Senator is 
preventing the Senate from taking an important step forward to combat 
identity theft and to protect the privacy rights of all Americans by 
passing the Leahy-Specter Identity Theft Enforcement and Restitution 
Act of 2007. This bipartisan cyber crime bill, which was requested by 
the Department of Justice, will provide new tools to Federal 
prosecutors to combat identity theft and other computer crimes. I know 
that it is cleared for passage by all Democratic Senators.
  The dangers of identity theft and other cyber crimes continue to 
increase as our Nation becomes more dependent on high technology. In 
fact, just last week, FBI Director Robert Mueller stated that ``[c]yber 
threats will continue to grow as people become more and more dependent 
upon digital technology'' and ``we will be vulnerable to terrible 
attacks.'' Prompt Senate action on this bill will bring us one step 
closer to providing greatly needed tools to the Federal prosecutors and 
investigators who are on the front lines of the battle against identity 
theft and other cyber crimes. I urge those objecting to proceeding on 
this bill to reconsider their actions and allow the bill to be 
considered and passed.
  I thank Senator Specter, who has been a valuable partner in combating 
the growing problem of identity theft for many years, for joining with 
me to introduce this important privacy bill. I have once again worked 
in a bipartisan manner with a group of Senators on both sides of the 
aisle to draft this legislation. I thank Senators Durbin, Grassley, 
Schumer, Bill Nelson, Inouye, Stevens, and Feinstein for joining with 
us as cosponsors of this important legislation.
  I commend Senators Biden and Hatch for their contributions in this 
area. I am pleased that several provisions they have suggested to 
further strengthen this cyber crime legislation were included by 
amendment in this bill when it was considered and reported by the 
Judiciary Committee and that they, too, have now cosponsored our bill.
  Senator Specter and I have worked closely with the Department of 
Justice in crafting this bill, and the Leahy-Specter Identity Theft 
Enforcement and Restitution Act has the strong support of the 
Department of Justice and the Secret Service. This bill is also 
supported by a broad coalition of business, high-tech and consumer 
groups, including Microsoft, Consumers Union, the Cyber Security 
Industry Alliance, the Business Software Alliance, AARP, and the 
Chamber of Commerce.
  The Identity Theft Enforcement and Restitution Act takes several 
important and long overdue steps to protect Americans from the growing 
and evolving threat of identity theft and other cyber crimes. First, to 
better protect American consumers, our bill provides the victims of 
identity theft with the ability to seek restitution in Federal court 
for the loss of time and money

[[Page S14276]]

spent restoring their credit and remedying the harms of identity theft, 
so that identity theft victims can be made whole.
  Second, because identity theft schemes are much more sophisticated 
and cunning in today's digital era, our bill also expands the scope of 
the Federal identity theft statutes so that the law keeps up with the 
ingenuity of today's identity thieves. Our bill adds three new crimes--
passing counterfeit securities, mail theft, and tax fraud--to the list 
of predicate offenses for aggravated identity theft. And, in order to 
better deter this kind of criminal activity, our bill also 
significantly increases the criminal penalties for these crimes. To 
address the increasing number of computer hacking crimes that involve 
computers located within the same State, our bill also eliminates the 
jurisdictional requirement that a computer's information must be stolen 
through an interstate or foreign communication in order to federally 
prosecute this crime.
  Our bill also addresses the growing problem of the malicious use of 
spyware to steal sensitive personal information, by eliminating the 
requirement that the loss resulting from the damage to a victim's 
computer must exceed $5,000 in order to federally prosecute this 
offense. The bill also carefully balances this necessary change with 
the legitimate need to protect innocent actors from frivolous 
prosecutions and clarifies that the elimination of the $5,000 threshold 
applies only to criminal cases. In addition, our bill addresses the 
increasing number of cyber attacks on multiple computers by making it a 
felony to employ spyware or keyloggers to damage 10 or more computers, 
regardless of the aggregate amount of damage caused. By making this 
crime a felony, the bill ensures that the most egregious identity 
thieves will not escape with minimal punishment under Federal cyber 
crime laws.
  Lastly, our bill strengthens the protections for American businesses, 
which are more and more becoming the focus of identity thieves, by 
adding two new causes of action under the cyber extortion statute--
threatening to obtain or release information from a protected computer 
and demanding money in relation to a protected computer--so that this 
bad conduct can be federally prosecuted. In addition, because a 
business as well as an individual can be a prime target for identity 
theft, our bill closes several gaps in the Federal identity theft and 
the aggravated identity theft statutes to ensure that identity thieves 
who target a small business or a corporation can be prosecuted under 
these laws. The bill also adds the remedy of civil and criminal 
forfeiture to the arsenal of tools to combat cyber crime, and our bill 
directs the U.S. Sentencing Commission to review its guidelines for 
identity theft and cyber crime offenses.
  The Identity Theft Enforcement and Restitution Act is a good, 
bipartisan measure to help combat the growing threat of identity theft 
and other cyber crimes to all Americans. This carefully balanced bill 
protects the privacy rights of American consumers, the interests of 
business, and the legitimate needs of law enforcement. This privacy 
bill also builds upon our prior efforts to enact comprehensive data 
privacy legislation. The Leahy-Specter Personal Data Privacy and 
Security Act, S. 495, which Senator Specter and I reintroduced earlier 
this year, would address the growing dangers of identity theft at its 
source--lax data security and inadequate breach notification. 
Protecting the privacy and security of American consumers should be one 
of the Senate's top legislative priorities, and I urge the majority 
leader to take up that measure at the earliest opportunity.
  Again, I thank the bipartisan coalition of Senators who have joined 
Senator Specter and me in supporting this important privacy 
legislation, as well as the many consumer and business groups that 
support this bill. I urge whoever is holding up this bipartisan bill to 
stop delaying this measure so that the Senate can promptly pass this 
important and much needed privacy bill before the Thanksgiving recess.
  I ask unanimous consent that a support letter from the Chamber of 
Commerce be printed in the Record following my remarks.
  There being no objection, the material was ordered to be printed in 
the Record, as follows:

                                        Chamber of Commerce of the


                                     United States of America,

                                 Washington, DC, November 2, 2007.
     Hon. Patrick Leahy,
     Chairman, Committee on the Judiciary, U.S. Senate, 
         Washington, DC.
     Hon. Arlen Specter,
     Ranking Member, Committee on the Judiciary, U.S. Senate, 
         Washington, DC.
       Dear Chairman Leahy and Ranking Member Specter: The U.S. 
     Chamber of Commerce, the world's largest business federation 
     representing more than three million businesses and 
     organizations of every size, sector, and region, thanks you 
     for your leadership on issues related to identity theft and 
     other types of cyber crime. The Chamber strongly supports S. 
     2168, the ``Identity Theft Enforcement and Restitution Act of 
     2007,'' and congratulates the Committee on the Judiciary for 
     reporting favorably this important legislation.
       The Internet today is a major engine of economic growth for 
     the United States. Unfortunately, accompanying this amazing 
     growth has been the continued rise of malicious cyber 
     activity by very coordinated and clever criminal networks. S. 
     2168 will go a long way to address this very serious issue by 
     giving law enforcement officials much needed tools and 
     resources to combat these criminals.
       Once again, the Chamber appreciates your leadership on 
     these issues, and looks forward to working with the Committee 
     to assure passage of S. 2168 by the full Senate.
           Sincerely,

                                              R. Bruce Josten,

                                         Executive Vice President,
     Government Affairs.

                          ____________________