California Identity Theft Laws: Summaries
Compiled by Beth Givens, Updated June 2003 bgivens@privacyrights.org www.privacyrights.org Privacy Rights Clearinghouse California State Laws www.leginfo.ca.gov/calaw.html (text of laws) www.privacy.ca.gov/laws.htm (law summaries)
Criminalizing Misdemeanor / felony “wobbler” for use of personal information for unlawful purposes. Requires notation of court record if imposter is convicted in victim’s name. Penal Code 530.5 (1997) Penalties for trafficking in personal information Every person who, with the intent to defraud, acquires, transfers, or retains possession of personal identifying information of another person, is guilty of a crime punishable by up to $1,000 and one year in county jail. California Penal Code 530.5 Correcting the credit report - with police report from victim If victim submits police report to credit bureau listing the fraudulent accounts, the credit bureau must remove (block) them and inform the credit grantors that the information has been removed. California Civil Code 1785.16(k) Free credit reports for victims, first year Upon request, victims can receive 1 credit report per month for first year from credit reporting agencies. California Civil Code 1785.15.3, effective July 1, 2003. Establishing jurisdiction of record as victim’s own locale Local police department must take a police report, even if crime is committed elsewhere. California Penal Code 530.6 Consolidation of identity theft cases The jurisdiction for a criminal action for ID theft offenses may be the county where the theft occurred or the county where the information was illegally used. If similar ID theft offenses occur in multiple jurisdictions, any one of those jurisdictions is a proper jurisdiction for all of the offenses. Calif. Penal Code 786. Access -- Credit issuer must give documentation to victim and to law enforcement Copies of applications, checks, account statements, etc. Calif. Penal Code 530.8 and Civil Code section 1748.95 Security alerts and security freezes Beginning Jan. 2003, credit bureaus must enable consumers to establish “freeze,” prohibiting the credit bureau from giving report to anyone without consent. Free to victims, fee for others. Calif. Civil Code 1785.11.1 & .2. Credit bureaus must also establish security “alerts” (same as fraud alert) when requested by individual. Remedies for the consumer for credit bureaus’ noncompliance are found in Civil Code Section 1785.31. The remedies allow anyone who suffers damages because of a violation of the credit freeze or credit alert provisions of the bill to sue for injunctive relief and damages including court costs, loss of wages, attorney's fees and when applicable pain and suffering.
�Protection from debt collector harassment No creditor can sell a consumer’s debt to a collection company once the individual has reported the fraud to the credit bureau California Civil Code 1785.16.2 Victim may seek injunction against debt collector who pursues payment California Civil Code 1798.92-97 Address verification Credit issuer must verify address if (1) an application of credit shows a different address than the one on the preapproved offer, and (2) when a request for a duplicate card comes within 10 days of request for change of address. California Civil Code 1747.06 Truncation of credit card number on transaction slip No more than the last 5 digits of a credit card number may be printed on electronic receipts, effective January 2004. California Civil Code 1747.9 Destruction of customer records -- the “shredding” law Businesses are required to shred, erase, or otherwise destroy records containing personal information upon disposal. Civil Code 1798.80-82 Hacker Law -- Disclosure of computer security breaches Requires business or government agency to notify individuals when personal information such as SSN and DOB has been accessed in a computer breach. California Civil Code 1798.29 Confidentiality of Social Security Numbers Individuals & commercial entities may not: publicly display or post SSNs print SSNs on ID cards or badges require people to transmit SSNs over the Internet unless encrypted require people to use the SSN to logon to the Internet without a password print SSNs on mailed documents Phased in from July 2002-July 2005. California Civil Code 1798.85 Credit card “skimmers” The knowing and willful possession or use, with the intent to defraud, of a device designed to scan or re-encode information from or to the magnetic strip of a payment card (a "skimmer") is punishable as a misdemeanor. The devices owned by the defendant and possessed or used in violation may be destroyed and various other computer equipment used to store illegally obtained data may be seized. California Penal Code 502.6 Criminal identity theft -- See PRC Fact Sheet 17(g) Judicial process for clearing your name --Penal Code 530.6(b) Data base of criminal ID theft victims -- Penal Code 530.7 California Attorney General -- (888) 880-0240 Federal Law www.consumer.gov/idtheft/fedlaw.htm (FTC) Federal Identity Theft and Assumption Deterrence Act (18 USC 1028) Federal crime when anyone knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable State or local law.
�