New Cyber Crime bill passes Senate – Identity Theft Enforcement and Restitution Act
A new act – the Identity Theft Enforcement and Restitution Act of 2007 was passed by the Senate Committee on the Judiciary. Introduced by Senator Patrick Leahy, the Chair of that Committee, last October, the bill’s purpose is “to enable increased federal prosecution of identity theft crimes and to allow for restitution to victims of identity theft.” This Anti-Cyber Crime act has now passed passage in the Senate and now needs action by the House to be enacted into law.
This bill will make it easier to prosecute criminals, but the onus still remains on corporations to protect sensitive data that they hold on consumers and employees. Another act – Identity Theft Red Flags – will provide the impetus to ensure that companies create pro-active identity theft protection plans that are signed off – in Sarbanes-Oxley style – by their boards.
Recently companies have begun employing a new form of cryptography – format-preserving encryption – to protect structured information like credit card numbers and social security numbers in databases and applications – the primary beneficiary of this approach is you and me – the consumers – as data that is encrypted – even if it is stolen – cannot be used to steal identities. The FPE approach is available as part of Voltage SecureData which can be deployed on average 5 times faster than other approaches – saving huge amounts of time and cost.