[Congressional Record (Bound Edition), Volume 149 (2003), Part 3]
[Extensions of Remarks]
[Page 4148]
[From the U.S. Government Publishing Office, www.gpo.gov]




    ENSURE BANK CUSTOMERS ARE INFORMED WHEN THEIR IDENTITY IS STOLEN

                                 ______
                                 

                         HON. GERALD D. KLECZKA

                              of wisconsin

                    in the house of representatives

                      Thursday, February 13, 2003

  Mr. KLECZKA. Mr. Speaker, today I am introducing legislation, in 
conjunction with my colleague Mr. Ryan of Wisconsin, that would require 
financial institutions to notify customers if their personal 
information was compromised as a result of employee misconduct or 
computer hacking. This legislation, the Identity Theft Consumer 
Notification Act, was also offered in the last Congress.
  Identity theft complaints have nearly doubled over the last year, and 
this is the third straight year this crime has topped the Federal Trade 
Commission's consumer fraud list. Last fall, the FBI broke up the 
largest identity theft ring in U.S. history, with more than 30,000 
consumers' information having been stolen.
  In our home state of Wisconsin, it was revealed last year that a 
local bank had discovered that hundreds of its customers' information 
had been stolen in September 2001, yet none of the victims were 
notified until May of 2002, eight months later. This is completely 
unacceptable, as any victim of this crime will tell you of the lengthy 
and expensive process of restoring one's credit history after his or 
her identity has been hijacked. Unfortunately, there is nothing in 
existing law that compels banks or other financial institutions to 
contact their customers if it is discovered that their information was 
stolen from one of these businesses.
  In addition to requiring financial institutions to promptly notify 
victims if their personal information has been compromised, this 
legislation would also have banks assist the customer in repairing his 
or her credit report, and reimburse them for any losses incurred. It 
would ensure that the annual privacy notices to financial institution 
customers required by Gramm-Leach-Bliley include the bank's obligation 
to carry out these duties. Lastly, the bill would specify that the two-
year statute of limitations on seeking civil damages begins to toll at 
the time the crime is discovered by the victim, rather than at the time 
the crime took place.
  It is only common sense that consumers receive timely information 
from the businesses that they have entrusted their personal data, 
should they fall victim to identity theft. This bill would give 
consumers confidence that they will quickly learn if their information 
has been compromised, and that they will receive the necessary 
assistance to repair the damage done. I urge my colleagues to cosponsor 
this measure.

                          ____________________