Welcome to Consumer Reports Advocacy

For 85 years CR has worked for laws and policies that put consumers first. Learn more about CR’s work with policymakers, companies, and consumers to help build a fair and just marketplace at TrustCR.org

Identity theft victims get new protections in Washington state

New laws give consumers security freeze and data breach notice rights
May 10, 2005

Tuesday, May 10, 2005

Washington Governor signs news identity theft protections into law

New Laws Give Consumers Security Freeze and Data Breach Notice Rights

OLYMPIA, WA – Under a new law signed today by Governor Christine Gregoire, companies and government agencies will be required to notify Washington state consumers when their personal information has been compromised as a result of a breach in security. And a second bill signed by the Governor gives consumers who receive such notice, as well of those who have become victims of identity theft, the right to put a security freeze on their credit file to prevent crooks from opening new accounts in their name.

“Identity theft has become an epidemic in the U.S. that affects millions of consumers every year,” said Gail Hillebrand, Director of Consumers Union’s Financial Privacy Now campaign. “Washington residents now have new safeguards that will help them learn when their personal information may have fallen into the hands of identity thieves so they can take the steps they need to protect their credit.”

The security breach notice law signed by the Governor requires companies and government agencies to inform consumers whose information has been compromised, unless it is unlikely that the lapse in security subjects individuals to a risk of criminal activity. The law covers security breaches involving computerized data. California was the first state to require notice of data security breaches. The law became well known in February when ChoicePoint, Inc, a data broker based in Georgia, was forced to notify 35,000 Californians that it had sold their personal information to a fraud ring posing as legitimate businesses.

At first, the company announced it had no plans to notify the 110,000 other consumers outside California who had been affected by the scandal. But company soon reversed itself after public officials in 38 other states pushed for fuller disclosure. Since the ChoicePoint announcement, Arkansas, Indiana, Montana, North Dakota have passed laws requiring private companies to notify consumers about security breaches, and Indiana has passed a law requiring government agencies to do so.

Washington consumers who receive the breach notice will also get the right to lock up their credit files with a security freeze to prevent identity thieves from opening new accounts in their names. This same right will be available to all consumers in the state who become identity theft victims.

A security freeze lets the consumer prevent anyone from looking at his or her own credit reporting file for purposes of granting credit unless the consumer chooses to let that particular business look at the information. When an imposter seeks credit in the consumer’s name, the creditor checks the credit reporting file. If the file is frozen, the creditor will deny the thief’s credit application. When the consumer is applying for credit, the consumer can lift the freeze so that a particular creditor can see the credit file or for a specified period of time. When the consumer is not seeking credit, the security freeze effectively prevents anyone else from getting credit in the consumer’s name.

Four states already have security freeze laws on the books. California law enables consumers to put a security freeze on their credit reporting file at any time, even if they have not been victimized by identity theft. A similar security freeze right goes into effect in Louisiana in July 2005. Texas law allows consumers to put a security freeze on their credit files after they have filed a police report detailing that they have become victims of identity theft. Consumers in Vermont will have the same right starting in July 2005. Lawmakers in at least 22 states have introduced bills to give security freeze rights to consumers.

“The recent rash of identity theft scandals has made clear that most consumers don’t have the tools they need to protect themselves from this insidious form of fraud,” said Hillebrand. “Washington lawmakers should be applauded for enacting these new safeguards and should continue working to extend even greater identity theft protections to consumers. We hope state lawmakers will consider giving all consumers – not just identity theft victims – the ability to put a security freeze on their credit file.”

More information about state efforts to enact security freeze legislation is available on the Consumers Union website at: http://www.consumersunion.org/campaigns//learn_more/001833indiv.html

For more information: Gail Hillebrand, 415-431-6747, ext 136

IssuesMoney
You Might Also Be Interested In
press release
April 17, 2024
Consumer Reports urges House Financial Services Committee to reject repeal of CFPB’s limits on credit card late fees
April 17, 2024
CR letter to House Financial Services Committee urging it to oppose HR 7428 and HR 7440
April 16, 2024
CR letter urging House Financial Service’s Committee to reject repeal of CFPB’s credit card late fee limits
press release
April 1, 2024
Consumer Reports supports CFPB’s proposed rule to limit excessive overdraft fees