Governor proposes anti-identity theft bill

Gov. Rod Blagojevich proposed legislation this week that would require companies, inside and outside the state, to immediately notify Illinois residents when their personal information has been compromised.

The legislation comes as a result of a breach in security at the Georgia-based data broker company ChoicePoint and heightened concerns about identity theft. "The ChoicePoint incident showed us clearly that customers might not know that their personal information and financial information has been stolen," said Abbie Ottenhoff, Blagojevich's spokeswoman.

"If a business or company knows that somebody has gotten into their records, we want to make sure that their customers find out as quickly as possible so they can contact their creditors and banks and whoever else they need to reach out to to make sure their credit and their identities are protected."

In October, ChoicePoint officials discovered that more than 50 phony companies had been created to obtain personal information from their computer systems. Operating for more than a year under the guise of these phony companies, hackers gained access to personal information, including Social Security numbers, addresses, credit reports and telephone numbers, of an estimated 145,000 people across the United States.

Consumers in every state, including three U.S. territories, fell victim to the security breach, including about 5,000 people in Illinois and 1,635 people in Missouri. However, news of the security breach was released just days ago.

ChoicePoint officials did not return repeated phone calls for comment. However, Gail O'Connor, a spokeswoman for Attorney General Lisa Madigan, whose office is backing the governor's legislation, has been working closely with ChoicePoint lawyers. She said it is unclear at this time if Illinois residents have fallen victim to identity theft-related fraud as a result of the security breach. Rep. Mike Bost, R-Murphysboro, said while he was unaware of the governor's proposal, he thinks such a measure has been a long time coming and does not think the bill will have any problem passing the Legislature. "I think this has been long overdue," Bost said. "Identity theft doesn't just cost the person that it's occurring on; it costs all of us as taxpayers because somebody ends up having to foot the bill."

According to the Federal Trade Commission, identity theft is the fastest growing crime in the United States with an estimated 900,000 victims each year, costing consumers and businesses billions of dollars. Other provisions of the governor's bill might include an option to allow consumers to place a freeze on their credit limits. By doing so, any requests for additional credit would require consumer notification and identity confirmation.

Ottenhoff said the governor is in the process of working with consumer and business groups to draft the legislation. She said they hope to have the bill in the General Assembly before the end of the legislative session, which is scheduled to end in May. Currently there is no law in Illinois requiring companies to notify consumers when their personal information has been stolen or released to unauthorized individuals.

If the Legislature passes the bill, failure of companies to notify consumers in a timely fashion could potentially result in civil and financial penalties. O'Connor said letters to the individuals in Illinois affected by the ChoicePoint security breach were sent out Wednesday. She said up until this point none of the residents had been notified. ChoicePoint is offering victims of the security breach three free credit reports, one from each of the credit agencies, Equifax, Experian and Trans Union, as well as one year of free credit monitoring.