Posted on: Tuesday, July 1, 2003
California consumers to get hacker warnings
By Rachel Konrad
Associated Press
SAN JOSE, Calif. — California consumers will learn this month whether their favorite shopping sites are steeled against computer fraud — or haunts of hackers and identity thieves.
Starting today, companies must warn California customers of security holes in their corporate computer networks. When a retailer discovers its credit card numbers have been stolen, it must e-mail customers, essentially saying, "We've been hacked, and the hacker may have your credit card number."
Local politicians call the regulation the first of its kind in the United States, and it could become the model for a nationwide law. Sen. Dianne Feinstein, D-Calif., plans to introduce similar legislation within a month.
"Corporate and government databases are increasingly becoming targets of identity thieves seeking Social Security numbers and other sensitive personal data,"
Feinstein said in an e-mail. "Under current law, all too often people are unaware that an identity thief has gained this information and may be using it to run up credit card bills or use it to manufacture a new identity."
California's new regulation contrasts with the Bush administration's hands-off treatment of the technology industry, particularly when it comes to controversial e-commerce issues such as privacy and fraud.
Although the FBI and Federal Trade Commission have hunted down Web site operators involved in fraudulent sales and auctions, proponents of the laissez-faire approach worry that regulations would hamper innovation in a fledgling industry.
But many technology executives and legal experts applaud the bold attempt to crack down on identity theft, one of the fastest growing crimes.
The U.S. Postal Service reports that 50,000 people a year have become victims of identity theft, and the U.S. Treasury Department says thieves ring up $2 billion to $3 billion per year on stolen credit cards alone.
As victims expend hours or days canceling debit and credit cards, obtaining new ones and re-establishing accounts and passwords, corporate America loses billions of dollars more in productivity.
Proponents say the California bill makes executives more accountable for computer fraud. It doesn't impose specific monetary fines, but the regulation makes companies with questionable computer networks more vulnerable to lawsuits and public scorn.
