Yesterday a bipartisan bill was introduced in the Senate that would “let victims of identity theft seek restitution for money and time they spent repairing their credit history,” as well as remove some existing barriers to prosecuting criminals.
From the press release by Senator Patrick Leahy (D-Vt.), who co-sponsored the bill with Senator Arlen Specter (R-Pa.):
The Identity Theft Enforcement and Restitution Act of 2007 would:
- Give victims of identity theft the ability to seek restitution for the loss of time and money spent restoring credit and remedying the harms of identity theft;
- Expand the jurisdiction of federal computer fraud statutes to cover small businesses and corporations;
- Eliminate the prosecutorial requirement that sensitive identity information must have been stolen through an interstate or foreign communication and instead focuses on whether the victim’s computer is used in interstate or foreign commerce, allowing for the prosecutions of cases in which both the identify thief’s computer and the victim’s computer are located in the same state;
- Make it a felony to employ spyware or keyloggers to damage ten or more computers regardless of the aggregate amount of damage caused, ensuring that the most egregious identity thieves will not escape with a minimal, or no, sentence;
- Eliminate the requirement that the loss resulting from damage to a victim’s computer must exceed $5,000; under this bill violations resulting in less than $5,000 damage would be criminalized as misdemeanors;
- Add the crime of threatening to obtain or release information from a protected computer to the definition of a cyber crime and expands the definition of a cyber crime to include demanding money in relation to a protected computer, where the damage to the victim computer was caused to facilitate the extortion. By expanding this definition, violators of this provision are subject to a criminal fine and up to five years in prison.