Home : Security : News

US passes stronger ID theft laws

A new Federal law about to hit the statute books will introduce tougher penalties for ID crime as well as the right to sue for losses.

By Miya Knights, 22 Sep 2008 at 13:48

gallery

After finally passing a new identity theft bill, the US is set to add tougher penalties and victim restitution options across the country.

The Identity Theft Enforcement and Restitution Act, originally introduced in 2007, but never passed by the US House of Representatives, was finally accepted this weekend after its inclusion in another bill to protect former US Vice Presidents.

Now passed by the both the House and Senate, the Act is expected to meet no resistance from the US President when he comes to sign it into law.

It eliminates the limitations previous legal safeguards against cyber crime, which only permitted federal jurisdiction if the criminal and victim were located in separate states.

Now, any criminal proven to have installed malware or spyware on more than ten computers, even in a single state, can be pursued under this new federal law.

It also does away with the minimum previous $5,000 (£2,731) limit to damages incurred due to unauthorised access to computer systems before charges can be filed.

And victims will be allowed to sue criminals convicted under the Act for damages as result of any ID theft.

Senator Patrick Leahy of Vermont, who introduced the bill, stated: “The key anti-cyber crime provisions that are included in this legislation will close existing gaps in our criminal law to keep up with the cunning and ingenuity of today’s identity thieves.”

Various US and international industry bodies have supported the bill’s passage, including the Business Software Alliance (BSA) and Cyber Security Industry Alliance (CSIA).

“For too long, cyber criminals have taken advantage of legal loopholes to evade prosecution and rob consumers of their financial security,” said Robert Holleyman, BSA president and chief executive. He added that the law would strengthen enforcement options against cyber crimes involving ‘botnets’ for example.

Fran Howarth, Quocirca principal IT security analyst told IT PRO it’s likely the detail of this law could find its way into other jurisdictions, “as the California breach notification law did,” she said.

“Other countries will be looking to see how successful it is and are likely to consider similar laws themselves if and once it is shown to have teeth,” she added.

Email to a friend

Print this page

< Previous Security : News Next >

1 comments

You need to Login or Register to comment.

A Solution to Data Thefts and Breaches?

David Scott believes these data breaches and thefts are largely due to a lagging business culture. Read some fresh and original thinking from the author of “IT Wars” - http://www.businessforum.com/DScott_02.html - I urge every business person and IT person, management or staff, to get hold of a copy of "I.T. Wars: Managing the Business-Technology Weave in the New Millennium." It has an excellent chapter on security, and how to scale security for any organization, any budget. It also has a

By Ip_johnfranks999 on Wednesday Sep 24

Latest Security Analysis & Insight

Striving to solve the security skills crisis

The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.