Bills bearing similar provisions have bogged down in the Senate in years past, but Feinstein thinks the stars could to be aligned for passage in 2003 (see BW Online, 2/11/03, "To Thwart the Identity Thieves"). Senator Feinstein chatted on Feb. 7 with BusinessWeek Online Technology Editor Alex Salkever about her identity-theft efforts. Here are edited excerpts of that conversation:
Q: Why do you feel identity theft is such a big problem right now?
A: It's the fastest-growing white-collar crime in America. And in a sense the yield from one identity theft can be more than a bank robbery. But you don't have to go to the risk of robbing a bank.
Q: Why hasn't legislation to deal with this been passed at a federal level before?
A: We have had a real struggle. The industries connected to the credit-reporting industry lobby against these bills behind the scenes. We had a bill that would restrict the use of Social Security numbers heard in the Senate Judiciary Committee last year. It was marked up and then got tangled up in the Finance Committee with other legislation.
With my privacy bill, there has been a problem on opt-in vs. opt out. The companies want opt out, which means you need to know who to call to say, "I don't want you to sell my data."
Q: In past years you've faced strong opposition to these types of reforms. What has changed to give you a better chance of passage this session?
A: Identity theft has become much better understood. It has become much more commonplace. And it has spread all over the U.S. Finally, it's being used in really horrific crimes. A couple of the 9/11 hijackers stole identities. People are becoming much more aware of this, and the crimes can be very big. We heard during testimony before our committee about one guy in South Carolina who got 3,000 Social Security numbers and sold them for $1 each on eBay.
Q: Tell us a little about the privacy bill you're planning to introduce.
A: It will require an individual's prior consent before a company can sell their data. We have negotiated this over a couple of years with companies and lobbying groups. I think we have got it down to where if it's a pure business-to-business relationship that's O.K. But if you sell the information so the public can get ahold of it, then that's not O.K. If anyone can find out your mortgage, who you do your banking with, then I think that's wrong.
Q: Do you think further steps to prevent ID theft might be required down the road?
A: I think we've got a good handle on it with these bills. These are common-sense bills, and they are not extreme in any way. Goverment has to play a role in setting the parameters. I think we have an absolute right to protect people's private data from commercialization without their permission.
Q: Many states have already passed ID-theft laws. Do we need any more federal laws?
A: States are passing their own laws. There will be different credit laws in each state. I don't think people want that. At some point, there will be both the timing and the opportuntity to set a strong national standard. Increasingly, people are going to want that. And increasingly, this is a bipartisan issue. Senators [Charles] Grassley (R-Iowa) and [John] Kyl (R-Ariz.) have both been helpful on this.