The New York State Senate passed legislation (S.8376-A) that would strengthen New York State’s identity theft laws in a variety of ways, including the enhancement of privacy protection in the work place and programs to aid those who have had their identities stolen. The legislation is part of a three-way agreement announced yesterday among the Governor, Senate and Assembly.
Identity theft is the most common consumer fraud complaint and the fastest growing financial crime, affecting approximately 10 million Americans each year. In 2007, New York ranked sixth in the country in per capita identity theft complaints, according to Identity Theft Data Clearinghouse of the Federal Trade Commission (FTC).
The legislation will restrict the ability of employers to use an employee's personal information, including prohibitions against posting or displaying more than the last four digits of an employee's social security number or placing social security numbers in files with open access. This will provide important confidentiality safeguards for employees.
Additionally, the bill outlaws the possession of "skimmer" devices, which can obtain personal identifying information from credit cards, under circumstances where there is an intent to use the device to commit identity theft.
The legislation also enables victims of identity theft to obtain restitution equal to the value of the time they spend fixing the damage of identity theft. According to one study, it takes identity theft victims as much as 330 hours to fix the damage done by identity theft. For the first time, these victims will be able to be compensated for their lost time.
Victims of identity theft will now be able to seek assistance from the Consumer Protection Board’s (CPB) Identity Theft Prevention and Mitigation Program. The program will assist victims to undo the damage that identity theft has done to their financial and credit history.
Additionally, the bill enhances aspects of the security freeze law – a 2006 law that gives consumers the choice to "freeze" or lock access to their credit file against anyone trying to open up a new account or to get new credit in their name – and extends important confidentiality protections to public entities, preventing the intentional communication of social security numbers to the public.