United States Senator
November 4, 2003
Statement of Senator Patrick Leahy,
Ranking Member, Senate Judiciary Committee
Finding Out When Your Information Has Been Compromised"
November 4, 2003
Today's hearing will examine the timely and important issues related to database security. As technology has advanced, and particularly since the terrorist attacks of September 11th, there has been a surge in government and private sector efforts to create large databases that compile extensive personal information, often through so-called data-mining. The Bush Administration has done this in the name of homeland security, and private companies have argued that gathering this information is essential to their commercial ventures.
We are well aware of the concerns that these databases can foster and the problems that can result from their misuse. Administration projects like the Total Information Awareness initiative threatened to violate privacy and other civil liberties and provoked an overwhelming outcry from the public. Just recently we learned that a DOD contractor, Torch Concepts, obtained an airline passenger database without those passengers' knowledge, used it in ways not admitted to the airline, and publicly released the personal information of one of those unsuspecting passengers.
I am particularly concerned that criminals view these databases as virtual goldmines for illegal activities, most notably identity theft. I commend Senator Feinstein for introducing S.1350 to alleviate some of the concerns with these personal information databases. I also commend her steady and committed leadership on identity theft.
Since the 104th Congress, I have worked on many efforts to protect consumers against identity theft. I collaborated with Senators Grassley and Kyl on the National Information Infrastructure Protection Act of 1996, to protect financial and other data from threats directed against computers and computer systems. Senator Kyl and I also cosponsored the Identity Theft and Assumption Deterrence Act of 1998, signed into law by President Clinton, to penalize the theft of personal identification information for false credit cards, fraudulent loans or for other illegal purposes.
In the 106th Congress, I supported the Internet False Identification Prevention Act, also signed into law by President Clinton, to provide additional tools to law enforcement to combat the theft of, and fraud associated with, identification documents and credentials. I also joined Senators Grassley and Breaux in introducing S.1723, the Protect Victims of Identity Theft Act of 2001, to clarify that the statute of limitations for identity theft does not start until the consumer discovers the problem or should have discovered it through the exercise of reasonable diligence. I also cosponsored a substitute to S.1742, the Identity Theft Victims Assistance Act, to assist identity theft victims restore their credit ratings and reclaim their good names by giving them the right to obtain relevant business records and the ability to have fraudulent charges blocked from reporting in their consumer credit reports.
This year I have cosponsored S. 223, which, among other steps, would set procedural guidelines for consumer reporting agencies to notify consumers about address discrepancies in their files, prohibit printing the last five digits of credit card numbers and expiration dates on receipts, and require that consumer reporting agencies provide consumers with one free annual credit report. I have also cosponsored S.228, which would criminalize the display, sale or purchase of social security numbers without individual consent, prohibit the display of social security numbers on certain public documents, like driver's licenses and government checks, and prohibit companies from requiring consumers to provide social security numbers when buying goods or services.
Unless we are vigilant about protecting them, our privacy rights can easily slip away through erosion. I have long encouraged diligence in our Committee's role in defending privacy rights. I welcome today's hearing, I welcome our witnesses today, and I look forward to learning more about their efforts to ensure database security and prevent identity theft.
# # # # #