[Congressional Record Volume 155, Number 118 (Friday, July 31, 2009)]
[Extensions of Remarks]
[Page E2150]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




                        STOPPING IDENTITY THEFT

                                 ______
                                 

                           HON. HOWARD COBLE

                           of north carolina

                    in the house of representatives

                         Friday, July 31, 2009

  Mr. COBLE. Madam Speaker, as a longtime member of the House Judiciary 
Committee, I am deeply concerned about the urgent need to protect 
Americans from rampant identity theft. During my six years as Chairman 
of the subcommittee that dealt with intellectual property matters, we 
often addressed issues affecting this criminal activity.
  Identity theft occurs when someone is able to use another person's 
identifying information, including their name, Social Security number, 
or credit card number, without that person's permission, to commit 
fraud or other crimes. It is even a threat to our national security.
  The Federal Trade Commission announced on February 26 that identity 
theft was the most reported complaint in 2008. The FTC estimates that 
as many as nine million Americans have their identities stolen each 
year.
  Our government has begun a review that puts the focus on protecting 
the nation's digital infrastructure against cyber-attacks. I commend 
the Obama Administration for recognizing this major problem and for 
beginning to take constructive steps to deal with it.
  If you are interested in learning more about this important matter, I 
urge you to read a column that was written by Michael J. Schultz for 
the Washington Times on February 20.

       ``President Barack Obama named Melissa Hathaway to lead a 
     major review of this nation's cybersecurity. Her selection 
     reflects the administration's desire to protect the 
     government's information technology systems from security 
     threats.
       ``The General Accounting Office characterized the 
     government's computer system as a ``high risk'' area. This 
     was underscored when the Federal Aviation Administration 
     recently admitted its computer system was ``hacked'' and that 
     the 48 files breached contained the names and Social Security 
     numbers of more than 45,000 employees.
       ``While it is critical that the government's information 
     networks be protected from terrorists and hackers alike, it 
     is equally important that the administration's review also 
     focus on ways to better protect every American's digital 
     identities, especially when they use credit cards or the 
     Internet.
       ``Digital identity misuse or theft leaves victims exposed 
     to fraud that could lead to physical, emotional and financial 
     harm. People from all walks of life have been victimized with 
     those least able to absorb the punishment among the hardest 
     hit.
       ``A recent survey by Jupiter Research concluded a total of 
     10 million Americans were victims of identity fraud in 2008, 
     at an average cost of $496. Of these, 19 percent were 
     defrauded while conducting online transactions.
       ``Millions of other Americans have suffered financial 
     losses when their credit cards have been compromised. In 
     addition, thousands of merchants have lost merchandise or 
     funds when credit cards have been misused or stolen cards 
     presented to make a purchase. Online merchants lost more than 
     $10 billion in 2007 due to identity fraud.
       ``The misuse of prepaid cards presents yet another massive 
     problem. Millions of stored value cards (gift cards, payroll 
     cards, prepaid cards) have no Federal Deposit Insurance Corp. 
     protection when they are stolen and thus thieves can spend 
     them as easily as cash, depleting the true owner of their 
     hard-earned savings.
       ``Most Americans do not realize that debit cards, which 
     often carry the insignia of a credit card, do not offer the 
     same protection as regular credit cards, and may only learn 
     this when the cards are stolen.
       ``Unfortunately, the dangers go far beyond potential 
     financial loses. A recently well-publicized case involved a 
     14-year-old girl who committed suicide when an adult 
     pretended to be a boy on MySpace and then dumped her in a 
     degrading way.
       ``Another example of the misuse of digital identities 
     occurs when already overworked 911 call centers get 
     ``swatted'' by prank callers able to imitate another number. 
     These types of ``pranks'' severely limit first responders' 
     ability to act in times of crisis, which places the entire 
     community at risk when real emergencies require responses by 
     fire or police departments.
       ``The upcoming review by the Obama administration should 
     also address the sad truth that many of the so-called 
     protections are inadequate to the dangers. For example, PINs 
     or passwords often offer relatively little identity 
     validation or protection. And most people have so many 
     different passwords they frequently write them down and keep 
     them with their cards, so when one is stolen the protection 
     is often gone with it.
       ``Professional hackers can easily steal credit card 
     information from individuals as well as from larger systems. 
     More than 100 million credit card accounts were exposed when 
     Heartland Payment Systems had its data centers breached in 
     December 2008, enabling the thieves to subvert any current 
     anti-fraud technology present. TJX Corp. had millions of 
     credit card accounts exposed when they had their data centers 
     breached.
       ``RBS WorldPay, one of the largest payment processors in 
     the world, also had millions of accounts stolen when their 
     data centers were breached.
       ``Clearly the old methods of automated protection are no 
     longer adequate. Thus, we must implement systems that better 
     validate digital identities to protect us as individuals and 
     companies.
       ``Just as the government was wrong in allowing loose self-
     regulation of the financial, automotive and mortgage 
     industries, it also has been far too lax in ensuring 
     protection for consumers and companies that use payments 
     cards of any type on the Internet.
       ``As a direct result of these conditions, we have seen a 
     precipitous increase in reported credit card and Internet 
     fraud. All users are at risk, but it is our children who are 
     most vulnerable.
       ``The upcoming review of cybersecurity has the immediate 
     responsibility to provide broadly defined protection. In 
     addition to improving how to better protect our 
     infrastructure from potential homeland security breaches from 
     those with ill intent toward the United States, the 
     administration should address how to use validated digital 
     identities to prevent the abuses that have caused significant 
     harm to individuals and businesses.''

                          ____________________