Docstoc

State of Florida Reporting Contract Fraud Against Consumers

Document Sample
State of Florida Reporting Contract Fraud Against Consumers Powered By Docstoc
					                               Attachment B-1


                 STATEWIDE GRAND JURY REPORT

                    IDENTITY THEFT IN FLORIDA


       IN THE SUPREME COURT OF THE STATE OF FLORIDA
                     Case No: SC 01-1095

                         FIRST INTERIM REPORT

                                  OF THE

                SIXTEENTH STATEWIDE GRAND JURY

       _________________________________________________

                              January 10, 2002

I. INTRODUCTION

Identity theft has been recognized as one of the fastest growing crimes in the
nation, and as such the members of the Sixteenth Statewide Grand Jury were
empaneled by the Florida Supreme Court at the request of Governor Jeb
Bush to investigate and address associated issues as they occur in Florida.

In the course of our investigation, we heard testimony from:
     representatives of the Department of Highway Safety and Motor
       Vehicles, Division of Driver License;
     investigators from the Florida Department of Law Enforcement;
     the Florida Highway Patrol;
     the Social Security Administration, Office of the Inspector General;
     the Florida Department of Professional Regulation, Division of
       Alcohol and Tobacco;
     representatives from the banking industry, credit card industry and the
       credit reporting industry;
     and victims of identity theft
During our term, we returned eight indictments on charges of Racketeering,
Conspiracy to Commit Racketeering, Organized Fraud, Grand Theft, Money
Laundering, Criminal Use of Personal Identifying Information, Insurance
                                     Page 1 of 32
                                Attachment B-1

Fraud and Driver License Fraud; charging 33 defendants with 419 counts.
Additionally, since the beginning of our term, our legal advisors have
charged 23 defendants with 150 counts.

These cases involved identity thieves who obtained personal identifying
information and in turn used that information to secure fraudulent driver
licenses, credit cards, bank accounts, automobile loans, automobile
insurance, government benefits and identity takeovers in the State of Florida.
These cases not only involved the theft of vast amounts of money, but in
essence destroyed the good name of the victims. We are shocked and
outraged by the ease with which these crimes are committed and the
enormity of the difficulties faced by victims in recovering from these acts.

In an effort to understand the nature and scope of this problem, we analyzed
the efforts of Florida's public officials, State agencies, law enforcement, and
the private sector to curb identity theft. We learned that Florida is in fact
doing a great deal about the scourge of identity theft. Yet, in our view, there
remains much to be done.

We wish to commend the vision and leadership of Governor Jeb Bush; the
1999 and 2000 Florida Legislatures; the Florida Cabinet; the judiciary; and
the heads of state, local, and federal law enforcement agencies who are
working together to solve the identity theft crisis. We are also gratified that
private industry and government entities have joined together in a
partnership to prevent identity theft in the first place and to address the
serious problems faced by identity theft victims. An outline of the steps
taken to date is attached to this Report as Appendix A.

Clearly the horrific and tragic events of September 11, 2001, catapulted the
issue of identity theft to the forefront of the public's consciousness. As a
result of those events, a multitude of government agencies and private
entities are working together to strengthen our domestic security. One of the
key issues being evaluated after September 11th is the state issued driver
license and identification card process. As a result, many of the issues we
have considered in the context of identity fraud in commercial situations are
now being addressed because of public security concerns. We applaud those
security efforts, and urge their implementation across the board wherever
possible in order to deter identity theft in all of the various forms we have
witnessed.

                                      Page 2 of 32
                                 Attachment B-1


The costs associated with identity theft are enormous. It is estimated that the
nationwide cost is $2.5 billion and is projected to grow by 30% per year
reaching $8 billion by the year 2005. The average loss to the financial
industry is approximately $17,000 per compromised identity.

For criminals, identity theft is an attractive crime. An identity thief can net
$17,000 per victim, and they can easily exploit numerous victims at one
time, with relatively little risk of harm. By comparison, the average bank
robbery nets $3,500 and the criminal faces greater risk of personal harm and
exposure to a more serious prison sanction if convicted.

We learned that the average time between the occurrence of the crime and
discovery by the victim is 12.7 months, with almost 10% of cases taking in
excess of 60 months before discovery. We learned that while the elderly
population is not specifically targeted, they are particularly vulnerable.
Based on their status in life, the elderly population is less likely to engage in
credit dependent transactions on a frequent basis and therefore are less likely
to become immediately aware that they are the victims of an identity thief.
Most individuals become aware of their victimization when an application
for credit is declined due to fraudulent information being contained within
their credit reports or after they have been contacted by a bill collector
attempting to collect a debt that they did not incur.

We did not fully appreciate the magnitude of the problem before we heard
about issues of easy access to personal identifying information, the ease with
which false identification documents are obtained and created, how these
documents are relied upon by the private sector to establish the identity of
the person presenting them, the public safety concerns, and the huge
monetary losses.

We learned of the many crimes that can grow out of identity theft. Among
them are:
    credit card fraud, where credit cards are opened in the victim's name
      or unauthorized charges are made to an existing credit card;
    receipt of unauthorized phone or utility services, where the identity
      thief established a new telephone, cellular phone or other utility
      service in the victim's name;
    bank fraud, where the identity thief opened bank accounts, wrote


                                       Page 3 of 32
                                Attachment B-1

       checks or performed unauthorized withdrawals from existing
       accounts;
     fraudulent loans, where personal property and loans to purchase
       vehicles, real estate and merchandise were obtained;
     fraudulent receipt of government benefits, i.e., welfare, disability and
       tax refunds;
     various forms of insurance fraud
In addition to these and other crimes, identity theft has other consequences
as well. Among these are:
     victims having criminal records based on an identity thief using the
       victim's name during an arrest;
     identity thieves obtaining employment in the name of the victim;
     medical insurance or medical services obtained in the name of the
       victim
Identity fraud presents enormous public safety concerns. Law enforcement is
unclear as to the true identity of the person with whom they are dealing.
Identity thieves can successfully mask their true identity and criminal history
for various nefarious purposes. The identity thief can endanger public safety
by masquerading as an individual with special qualifications such as a
doctor, lawyer, or other trained professional. In addition, the identity thieves
have represented that they possess driving qualifications such as those
conferred by a commercial driver license when in fact they are not qualified.

We learned that an individual whose identity has been compromised faces an
enormous, emotional and frustrating task to clear their good names. The
Federal Trade Commission's Identity Theft Clearing House estimates that
victims spend, on average, almost 3 months of their lives and over $800 out
of their own pockets to remove the information added to their reports as a
result of the identity theft. Victims are faced with a bureaucratic quagmire
from the various financial institutions and credit reporting agencies that they
are forced to deal with in removing the charges and entries incurred by the
identity thief. A serious problem faced by the victim is the inconsistency of
requirements that the various financial institutions impose to remove the
fraudulent data. There are instances where victims are arrested as a result of
crimes committed by the identity thief in their names, and the removal of the
arrest from their record is oftentimes an insurmountable task since the victim
was actually arrested and the report of that arrest would be considered
accurate information. To further frustrate the victim, general confusion exists
as to which law enforcement agency to report the crime to, since

                                      Page 4 of 32
                                 Attachment B-1

jurisdictional questions are present in each investigation.

We now have a clear sense that in the past few years, Florida has devoted
legislative efforts and, in turn, investigative and prosecutive efforts to combat
the problem of identity theft. In spite of these efforts, the Federal Trade
Commission reports that identity theft complaints are on the rise and, in
turn, the difficulties in the investigation and prosecution of these cases
would necessarily follow.

To that end, we have detailed our work to the extent authorized by law, and
documented our several suggestions and recommendations of specific action
points for consideration by the various stakeholders in this issue - but most
importantly, as a crime prevention message to the people of this great State.

II. SCOPE OF THE INQUIRY

We began this undertaking after listening to testimony and evidence in
identity theft related cases. At first we intended this report to be wide
ranging and comprehensive. But the events of September 11th have
overtaken our work to some extent, in some ways delaying our work, in
other ways accelerating the timetable for our efforts to be completed. Many
of the issues we considered had already been recognized by private and
governmental entities and the shock of last September's events sent ripples
throughout our country that caused everyone to likewise accelerate their
efforts and institute needed changes and reforms on an expedited basis. In
many ways this has made our work all the more complicated in that the
landscape changes on an almost daily basis, yet we are gratified that so much
has already been done. With that in mind, we focused our report on three
areas we believe still need more attention; security of Florida's driver license,
security of our private information, and the treatment of identity theft
victims.

At the inception of our inquiry we quickly became concerned that these
illegal activities were not limited by geographical area. We also became
concerned at the lack of infrastructure and support for victims of identity
theft who are forced to go it alone in the difficult, daunting and sometimes
crippling task of rebuilding their credit and lives. And we especially became
concerned that identity thieves appeared to be utilizing information in the
hands of the government.

                                       Page 5 of 32
                                Attachment B-1


In response to our factual inquiry this is what we found.

III. FINDINGS
A. FLORIDA'S ENFORCEMENT EFFORTS
1. The Florida Department of Law Enforcement

The Florida Department of Law Enforcement has put in place a task force of
specifically dedicated investigators to combat identity theft. Operation
LEGIT (Law Enforcement Getting Identity Thieves) has 5 Special Agents
throughout the State assigned full time to the investigation of identity theft
cases.

In addition to the investigation of identity theft related cases, Operation
LEGIT agents conduct educational seminars on the investigation of identity
theft related cases for various law enforcement audiences.

The investigation of identity theft related cases is not limited to Operation
LEGIT, however, and the full complement of FDLE special agents are
available to perform these investigations.

2. The Florida Highway Patrol

The Florida Highway Patrol (FHP) has the responsibility to conduct criminal
investigations into suspected driver license (DL) fraud. The FHP has
implemented a special task force based in South Florida to investigate
suspected DL fraud. Aside from this special task force, the FHP has 12
investigators statewide who perform, among other duties, the investigation of
driver license fraud.

The Florida Highway Patrol has assigned a top ranking law enforcement
officer to consult with the Division of Driver License administrators and
liaison with external law enforcement agencies in order to assist in
identifying fraud and security issues in the driver license process that are of
particular interest to the law enforcement community.

In addition to the FHP, the Department of Highway Safety and Motor
Vehicle, Division of Driver License has implemented a fraud unit whose
primary duty is to perform a civil investigation into suspected DL fraud.

                                       Page 6 of 32
                                Attachment B-1

There are currently only eleven people assigned to this unit.

3. The Department of Business and Professional Regulation

The Department of Business and Professional Regulation, Bureau of Alcohol
and Tobacco, has a specialized unit to train law enforcement in document
identification and identification of fraudulent driver licenses. The Division
additionally seeks to assist retailers in preventing underage access to alcohol
and tobacco by training them on the identification of false IDs. The Division
has reviewed over 20,000 counterfeit and questionable identification
documents in the year 2001 alone.

This Training Unit is nationally recognized for its expertise and routinely
provides educational seminars for various law enforcement agencies and
driver license administrators throughout the country.

4. County Sheriffs and Municipal Law Enforcement Agencies

The various county sheriffs and municipal law enforcement agencies,
including local State Attorneys, are dealing with the investigation of identity
theft related cases through their economic crimes units and are developing
the expertise and skills necessary to conduct effective investigations of
identity fraud cases. These agencies are generally the victim's first point of
contact when reporting an identity theft related case.

5. Federal Involvement

In addition, there are several federal agencies which undertake the
investigation of identity theft and identity fraud related cases. Among these
are the Federal Bureau of Investigation, the Secret Service, the U.S. Postal
Inspection Service, the Federal Trade Commission and the Social Security
Administration.

We learned that the Federal Bureau of Investigation, as part of their renewed
mission statement, has announced that they plan to minimize their
involvement in fraud related cases. This leaves the other mentioned federal
agencies as well as state and local law enforcement as the primary venue for
the investigation of identity theft related cases.


                                      Page 7 of 32
                                Attachment B-1

B. SECURITY OF DRIVER LICENSES

The Department of Highway Safety and Motor Vehicle, Division of Driver
License (DDL) has the responsibility of issuing and maintaining the records
of all Florida issued driver licenses and identification cards. The DDL
currently maintains records and information on 14 million Florida Driver
Licenses and several million identification cards.

Florida law allows the various county tax collectors to enter into a contract
with DDL so that the tax collector can deliver driver license services. It is
our intent that recommendations that are made to and regarding the DDL
also apply to the contracted county tax collectors.

The Division of Driver License employs 900 driver license examiners
working throughout the State. The minimum requirements to be a driver
license examiner are a high school diploma and one year of experience
dealing with the public. The average driver license examiner makes
approximately $20,000 per year. The DDL is currently in the process of
enhancing their driver license examiner selection process by development of
examiner standards and requiring a polygraph, background check,
fingerprinting and drug testing of applicants.

The Division of Driver License sets forth the rules and procedures to be
followed in the issuance of a DL or ID card. This is done in concert with the
statutes that set forth what information can be required from the applicant
and what information can be retained.

Florida law currently requires the driver license or identification card
applicant to provide their full name, gender, social security number,
residence and mailing address. Proof of date of birth and identity satisfactory
to the department must also be provided. Florida law says that proof of
identity must include a certified copy of a US birth certificate, a valid US
Passport, an alien registration receipt card (green card), an employment
authorization card issued by the United States Department of Justice, or
proof of non-immigrant classification provided by the United States
Department of Justice, in order to secure an original license.

In the review of all of the acceptable documents, an examiner has only
experience and memory to consult to evaluate the legitimacy of the

                                      Page 8 of 32
                                Attachment B-1

documents presented . There is no requirement that a second examiner
confirm that the documents are in order. Copies of the documents presented
are not retained. The DDL has recently been provided with training by the
Immigration and Naturalization Service on the identification of the various
INS documents.

The DDL indicates that they conduct over 30,000 transactions a day. The
enormous workload that most DL offices and examiners face, pressures from
long lines of impatient customers, along with the multitude of documents the
examiner is presented with, and the amount of discretion granted to each
examiner, creates the opportunity for a harried or dishonest examiner to
claim that proper identification documents were provided when they were
not.

The applicant is also required to disclose if they have previously been
licensed to drive and, if so, when and by what state, and whether any such
license or driving privilege has ever been disqualified, revoked or
suspended, or whether an application has ever been refused. The applicant
must also sign a consent form authorizing the State of Florida to obtain the
applicant's driving record from the original issuing state. The examiner only
has access to a nationwide "problem driver database" that contains
information from states that are members of the American Association of
Motor Vehicle Administrators, AAMVA. The "problem driver database"
only lists those drivers who have had their driving privileges revoked or
suspended by one of the member states. The examiner does not have access
to digital images or other identifying information from these other states to
verify that the person who is representing themselves as a licensed driver
from another state is truly that person.

Currently, Florida law does not require an applicant for a driver license or
identification card to submit a fingerprint. Since no fingerprint is submitted,
subsequent fraud investigations are hampered as is the ability of a victim of
identity theft to conclusively prove that their identity was stolen.

Florida law also sets forth the validity period of a driver license. An original
issue driver license is good for six years and renewable for periods of four
years or six years depending on the driver's driving record. The renewals are
achieved by affixing a sticker to the DL issued by the DDL, or in cases of a
digital image type DL, the mailing of a renewed license. The driver need not

                                       Page 9 of 32
                                 Attachment B-1

appear in person to accomplish the renewal. The license can be renewed by
this method on two occasions. As a result a driver can retain the same
license and outdated photograph for up to 18 years. Due to the extreme
longevity of the driver license and identification card, the protections
afforded by driver license security features are only as good as the
technology of the oldest license still in circulation.

Additionally, security of the driver license itself is only effective as long as
the technology and the stock that is used to generate the card is protected
from theft and misappropriation by the DDL. We have learned that within
the past month, a driver license office was burglarized and all of the
hardware equipment necessary to create a Florida driver license or
identification card was stolen.

We were outraged to learn through a recent case that driver license
examiners have participated in the fraudulent issue of driver licenses and
identification cards. In that case, nearly an entire DDL office participated in
this fraud. Although the DDL has standard operating procedures in place
that should have prevented this behavior there were numerous deviations
from the standard operating procedures.

The fraud was able to be committed in that case because the corrupt
examiners were able to take an applicant for a driver license through the full
application and issuance process. We learned that persons wanting to secure
a fraudulently issued driver license or identification card were routinely
referred to the particular, corrupt examiner.

During identity theft and driver license fraud investigations, it is often
difficult if not impossible for the investigator to determine what identifying
documentation was provided by the applicant since there is no copy of the
document retained by DDL. The examiner may or may not indicate on the
application what document was provided. Although not currently being
utilized by DDL, technology exists to electronically scan all identification
documents presented and retain them in digital form with the application.
We further understand that the DDL has identified this as being an area of
concern and is in the process of taking steps to implement procedures that
would allow for the scanning and retention of these documents.

We heard testimony that during identity theft and driver license fraud

                                       Page 10 of 32
                                 Attachment B-1

investigations the address provided by the applicant is often an invalid
address. The invalid address does not give the investigator a starting point
for their investigation.

We learned that under Florida law, an applicant for a driver license or
identification card does not have to be a resident of the state of Florida, and
currently there is no procedure in place to verify the validity of the address
provided by the applicant.

We understand that there are times when an applicant for a driver license
does not possess all of the required documents, or that the possessed
documents are of such a nature that they do not lend themselves to
immediate authentication and verification. We recognize that the applicant
may have a pressing need to secure the legal authority to operate a motor
vehicle. The DDL has told us that they recognize this as an area of concern
as well and is currently implementing a procedure to issues a temporary
driving permit, that is not valid for identification, to foreign nationals, until
their documents can be verified.

We learned and recognize that some citizens of the State of Florida wish to
protect themselves from identity theft and fraud and are willing to endure
some additional inconvenience. Currently, there is no provision to allow for
citizens to voluntarily increase their security features such as a personal
identification number or other form of password protection.

We recognize that any security feature that is afforded to the new driver
license or identification card will not be effective while the older versions of
the driver license or identification card are still in circulation. As new
security features are implemented and deployed, the identity thief or
counterfeiter could simply resort to using an older version of the driver
license or identification card that is still valid.

We learned that the current media (card stock and laminates) that is being
used for the driver license and identification card is not difficult to alter,
fabricate, unlawfully duplicate and is subject to erasure and other
modifications.

We recognize that any single security feature can be compromised. Effective
security is achieved when various features are layered. There are many

                                       Page 11 of 32
                                Attachment B-1

security features available, that prevent or thwart erasure and tampering,
such as embossed or imbedded lettering. Other security features available are
a two dimensional bar code with sufficient authentication information,
including the ability to hold a digital image of the licensee, and is able to be
scanned by law enforcement. Further security features are the use of
magnetic stripe or other like technology that would be useable by merchants
and the financial industry; smart chips and other smart card technologies;
unique font, ink color and multi-color arrangement to alleviate fraud; micro
printing which has proven effective against counterfeiting; high quality
ultraviolet ink on the front and rear of the license has proven highly effective
against counterfeiting; ghost imaging, or a secondary photograph of the
holder in an alternative location on the card and multiple-layered holograms,
including those that are 3 D in nature.

During the course of our term numerous examples were presented to us in
which the identity thief had multiple licenses with their photographs under
different names, issued by the DDL. The identity thief is currently not
discouraged from this behavior since no protocols are in place to routinely
search the DDL database for duplicate digital images. The DDL requires an
applicant for a driver license or identification card provide their social
security number. Currently a would-be identity thief can provide a made up
social security number or one that belongs to another person and the DDL
would not know. We learned that online verification of social security
numbers is possible through a contractual relationship and subsequent
interface with the Social Security Administration. This interface would
allow the DDL to automatically validate the social security number provided
by the applicant, determine validity and to whom assigned.

We learned that wanted persons routinely transact business at the various
driver license offices. These individuals can do so with impunity since there
is no procedure in place to allow for the real time electronic sharing of
information between the driver license database and FDLE.

During case presentation we learned that private driving schools are often
utilized in obtaining fraudulent driver licenses and fraudulent issue
commercial driver licenses. Some of these schools would provide all of the
necessary documentation, test results and fraudulent medical examination
for anyone willing to pay the required fee to secure a commercial driver
license. Although federal law mandates state regulation of these schools,

                                      Page 12 of 32
                                Attachment B-1

there are currently only 8 individuals statewide to inspect and monitor the
126 schools located throughout the state.

Currently there are no uniformed law enforcement officers routinely
assigned to the driver license offices. We heard testimony that individuals
(brokers) prowl the parking lots of driver license offices ready to provide
fraudulent documentation to would-be identity thieves.

We learned that while merchants or financial institutions have the ability to
read the magnetic stripe on the driver license and identification card, there
currently is no procedure that allows for these merchants or financial
institutions to verify the information. Merchants and financial institutions do
not have access to any database maintained by or contributed to by DDL that
contains verifying information.

We recognize that all of the recommended security features and procedural
changes may add to the cost of issuing a driver license or identification card.
We have learned that Florida currently charges $10 for a replacement driver
license while it costs $10.50 to produce. This fee is among the lowest in the
nation.

C. SECURITY OF PERSONAL INFORMATION

As an investigating body examining evidence in criminal cases, our inquiry
naturally included questions concerning the source of the information used
to compromise someone's identity. This is generally what we learned.

Florida has one of the most open public records laws in the country.
Virtually all of our government documents and information are available to
the general public for the asking. This information, subject to some
exclusions, contains virtually all of the information an identity thief would
require to compromise someone's identity.

Additionally, a great deal of personal identifying information is gathered by
the government in day to day operations that may not be necessary and vital
to the integrity of the transaction. Social Security numbers for example are
requested on everything from applications for a driver license to school
volunteer forms.


                                      Page 13 of 32
                                Attachment B-1

Once this information comes into the hands of the government it then, with
some exceptions, becomes public record. This information is gathered by
computer database search companies and approximately 500 consumer
reporting agencies, and is used by, among others, business people, attorneys
and investigators to verify and gather information on customers, clients,
debtors and persons who are the subject of various investigations. This
information can also be used by the identity thief to develop a full dossier on
their next victim. For example, on-line access to court records, driver license
records, motor vehicle registration information, applications for state jobs,
travel vouchers of state employees, traffic accident reports and reports of
crimes by victims are readily available. These documents contain names,
dates of birth, social security numbers, home addresses of the individual and
potentially their family members, credit card information, and other
potentially valuable personal information.

The private sector also gathers a great deal of information on their customers
and clients. Recent privacy policy notices sent to customers, in compliance
with federal legislation, indicate a presumption on the part of the private
sector that once the customer's personal information is in the possession of
the private sector, it is theirs to use as they please unless the customer
actively objects, or "opts-out". Medical service providers routinely request
the social security numbers of their patients and insurance companies
routinely request the social security number and other personal identifying
information of their customers. This information is gathered and placed into
other documents and files that then find their way into the stream of
commerce.

We have identified that the government and business take in much more
information than necessary to conduct business. For example health clubs
require members to disclose their social security numbers on applications for
membership; video rental stores ask for social security numbers on
applications; and life insurance companies ask for social security numbers of
beneficiaries; local governments ask for social security numbers on routine
transactions. We were distressed to learn from the Interim Project Report by
the Committee on State Administration and Committee on Information
Technology that 96.3% of state agencies do not even have a written policy
relating to the collection of social security numbers. This same report
indicates that 63% of these agencies disclose social security numbers on
some public record requests.

                                      Page 14 of 32
                                Attachment B-1


Medical service providers and insurance companies routinely substitute
social security numbers for patient or policy numbers, unnecessarily
exposing this sensitive information to scrutiny on such documents as health
and insurance cards. Unsecured mailboxes and trash containers provide
thieves with easy access to this personal information.

Last year Congress recognized the issue of consumer privacy by passing the
Graham-Leach-Bliley Act in recognition of the importance of the privacy of
our citizens. That act essentially gave citizens the right to prevent their
private information from being disclosed to third parties and mandated
notices to that effect be sent to all consumers. While protecting citizens from
the sale of personal information in the private sector, it did not address the
collection and dissemination of personal information by our government.
Government secures personal and private information from citizens in
countless ways. While this information may be necessary and appropriate for
government to perform its functions, we don't see the necessity of
government freely disseminating or worse, selling it back to the public.

Florida, along with many other states has a long history of keeping
government records in the sunshine. Open government laws such as Florida's
Sunshine laws serve a valuable and important purpose by allowing citizens
as well as the press to perform its watchdog functions. We do not suggest
that government should withhold information that its citizens need to ensure
that government carries out its role in a fair and efficient manner. However,
there is a vast difference between information documenting what the
government is doing on the one hand, and private and personal information
that government has collected from its citizens for a specific and limited
purpose on the other. Unlike transactions in the private sector, citizens do
not have the ability to opt out of government sharing or disclosure of their
private information.

Florida public records law trace their roots back to the turn of the century
when anyone who wanted to check a public record had to drive his horse
and buggy to the county seat, check in with the custodian of records and
laboriously pore over large dusty volumes. This slow and painstaking
process was a built in check against abuse of the system. No electronic
copies, no computers, and no Internet searches.


                                      Page 15 of 32
                                 Attachment B-1

We must balance the value of the oversight of government with the privacy
rights of citizens.

The Fifteenth Statewide Grand Jury addressed the issue of private
information in government hands in the context of PIP Fraud. Finding that
ambulance chasers were gleaning personal information from traffic accident
reports in order to perpetrate fraud, the Grand Jury recommended exempting
traffic reports from the public records statute for 60 days. A recommendation
that Florida's Legislature, to its credit, immediately embraced and codified
into Florida Statute §316. Over the years the legislature has created over 700
exemptions to the Public Records Law in an effort to strike this balance. We
are also aware that the legislature is continuing to look into further
exemptions, and that there are bills pre-filed addressing the issues of
collection and dissemination of social security numbers. We commend the
Florida Legislature for its vision and strongly encourage these efforts in this
regard.

We suggest that rather than assuming everything government collects is
automatically a public record unless otherwise exempted, we believe the
presumption should be reversed. That is, private information collected from
citizens should be presumed confidential and non-disclosable unless there is
a statutory ground for its release. We are not convinced that doing so would
violate the spirit and intent of the First Amendment.

D. VICTIMS OF IDENTITY THEFT

Identity theft victims are treated as if they rank low on the totem pole.
Though much progress has been made by law enforcement and prosecutors,
problems for victims of this crime persist.

These problems can take many forms. For many victims, the problems start
with the initial contact with law enforcement agencies. Despite the explosive
growth in these types of cases, this is still a non-traditional crime and many
officers do not have first hand experience with this crime. As a consequence,
many law enforcement agencies still express reluctance to even take reports
much less investigate.

Too often they believe the issues raised in identity theft cases to be a civil
matter, better handled by lawsuit than arrest. Jurisdiction too plays a

                                       Page 16 of 32
                                Attachment B-1

complicating part in that many of these crimes concern activity occurring far
from where the victim lives, sometimes even out of state and well outside of
the traditional jurisdictional boundaries. Not enough officers or law
enforcement agencies are acting on Florida's recently enacted statute, Florida
Statutes §817.568(8), which allows law enforcement to investigate and
prosecute identity theft cases where the only contact with their jurisdiction is
the residence of the victim.

Victims of identity theft are usually attempting to prove that they are not
responsible for a certain debt or charge, or that they are not responsible for a
crime committed in their name. Much of their contact with law enforcement
involves at least one of these scenarios. It is understandable then, that their
claims are sometimes viewed with skepticism. Certainly law enforcement
cannot be faulted for not readily accepting a claim that they have the wrong
suspect in custody. Claims of mistaken identity have long pre-existed ID
theft cases. So, too are creditors reluctant to walk away from their money on
a bare claim of stolen identity. Somewhere between suspicion and skepticism
on one side, and gullibility on the other, we must find a middle ground
where all the law abiding parties can continue to function without the
interference of identity thieves.

Victims of identity theft can lose a lot more than money. Often the
immediate and direct consequence of ID theft is the destruction of someone's
credit record. A negative credit history can cost someone the opportunity to
secure a job or purchase a home, opportunities that may not return for
victims in the near future. A negative credit history can also lead to lost
business opportunities or even bankruptcy. Unexplained credit cards and
numerous unauthorized charges can lead to suspicion and discord in a
familial relationship. Perhaps the worst thing that can happen to a victim of
an identity theft is to be arrested for crimes committed by the impersonator.
A person's dignity, good name and reputation in the community can be
destroyed by a callous and indifferent identity thief. Once destroyed, a
victim may spend years attempting to recover. While Florida has made
significant progress in the detection and prosecution of identity theft cases,
little has been done to directly address the staggering costs imposed upon the
victims of these crimes. Florida must commit to enhancing and even
restructuring the system in place as it relates to victims of identity theft.
Changes need to be made in how law enforcement treats the victims. The
judicial system has to make changes in how it goes about restoring victims to

                                      Page 17 of 32
                                Attachment B-1

their previous status. The entire financial industry, credit card issuers, banks
and merchants have to not only strengthen their procedure to avoid this fraud
in the first place, they have to commit their customer service resources to
helping victims of identity theft, ultimately their customers, restore their
credit and good standing. None of these changes will come easy nor will
they be cheap, and certainly any changes wrought will carry with it the risk
of new complications and perhaps new types of fraud. Whatever the
difficulties however, we must come to realize that the situation faced by tens
of thousands of victims of identity theft is not only unfair, but unacceptable
and we can no longer remain satisfied by the status quo.

Factual Findings

With this as the backdrop, we heard from numerous victims of identity theft
whose primary obstacle in overcoming their victimization was repairing the
damage to their credit report caused by the identity thief. The credit
reporting industry operates within the confines of the Fair Credit Reporting
Act (FCRA), and utilizes it as both a shield and a sword in their dealings
with consumers.

The FCRA authorizes the release of the information maintained by the
consumer reporting agencies for limited purposes. Among these are
employment, housing, licensure, and credit worthiness. The consumer
reporting agencies are also authorized to release a consumer report for
transactions that are not initiated by the consumer, or for offers of insurance
or credit. A consumer may elect to have their name and address excluded
from these types of transactions by notifying the consumer reporting agency.
This is referred to as an "opting out."

The FCRA sets forth the procedure that a consumer must follow in order to
dispute the accuracy of information reported on their credit report. The
FCRA does not, however, dictate what documentation the consumer
reporting agency must accept in order to determine that the information is
inaccurate or a result of fraud.

If a consumer disputes information on their consumer report they must send
notice to the consumer reporting agency. Upon receipt of this notice, the
consumer reporting agency is obligated to indicate this fact upon the
consumer report. A consumer reporting agency, once notified of a dispute, is

                                      Page 18 of 32
                                Attachment B-1

required to "reinvestigate" the status of the disputed information or delete
the item from the file within 30 days. The consumer reporting agency is
required to send a notice to the provider of the disputed information within 5
business days requesting information that will allow the agency to
"reinvestigate" the information. The consumer reporting agency is required
to remove any information found by them to be inaccurate or incomplete, or
that cannot be verified. If, after a "reinvestigation," the credit reporting
agency determines the information is accurate and complete, the consumer
has the right to add a statement to their consumer report disputing the
accuracy or completeness of the information.

A consumer is entitled to request a copy of their own credit report, for a fee
(currently up to $8.50) or receive one for no charge if the consumer has been
subject to some negative action based upon the credit report. Additionally, as
allowed by the FCRA, some states have enacted legislation that allows
consumers to receive one or two consumer reports per year at no cost to
them. Florida has not enacted such legislation.

If a consumer believes that they have been the victim of fraud, The FCRA
allows the consumer to have a fraud alert placed upon their consumer report.
The fraud alert acts as a notice to the extender of credit that this credit file
has been subject to fraudulent activity in the past and that they should make
contact with the consumer prior to extending any credit or benefits. There is
currently no requirement that the extender of credit act on the fraud alert.

The FCRA also sets forth the responsibilities of the providers of information
to consumer reporting agencies. The Act prohibits the providers of
information from reporting information with actual knowledge that it is in
error or after being notified that information relating to a consumer is
inaccurate. A provider of information has a duty to correct and update the
information they provide once they become aware that the information is
incomplete or inaccurate. Additionally, the provider of disputed information
must notify the consumer reporting agency that such information is disputed
by the consumer. Once notified by a consumer of a dispute, the provider of
the information must conduct an investigation with respect to the disputed
information; review all information provided by the consumer; report the
results of the investigation to the consumer reporting agency and if the
information is found to be incomplete or inaccurate, report those results to
all consumer reporting agencies.

                                      Page 19 of 32
                                Attachment B-1


The following are illustrations of what some of the victims related to us as
difficulties they faced in dealing with credit grantors:
     One victim's bank required her to fill out a separate fraud affidavit for
       each check passed.
     Another victim reported a retail chain required a separate set of
       paperwork for each store where fraudulent transactions occurred.
     Many victims reported that fraud alerts that had been placed on their
       credit reports were disregarded by subsequent lenders.
     Another victim reported that a major utility insisted on the following
       laundry list of requirements, three forms of identification, a written
       statement from her attorney handling her case, a lease agreement that
       showed that she lived at a different address, a written statement from
       her employer and a written statement from the Post Office that she
       was not living at the address where the services were provided, before
       removing a fraudulent account.
     Victims of identity theft are required to deal with three major credit
       reporting companies to resolve each fraudulent account.
     Another victim had to make multiple phone calls just to locate the
       correct office of a national retail chain to report a fraudulent account.
     Another victim whose identity thief opened a deferred billing account
       (90 days same as cash) did not become aware of the fraud until six
       months after the account was opened when she was contacted by a
       collection agency.
     One out of state victim who was defrauded by an identity thief in
       Florida was told that he would have to travel to Florida and petition
       the Florida Court to have the fraudulent account removed from his
       credit file.

       The victims' problems go beyond financial.
    We learned that one victim of identity theft nearly had his marriage
       destroyed when the identity thief, posing as the victim, was in an
       automobile accident in another state with a member of the opposite
       sex as a passenger.
    Another victim reported being detained in County Jail for four days
       pending extradition to Florida as a result of warrants issued for crimes
       committed by the identity thief.
The State of California recently enacted legislation that gives consumers a
right to be able to "freeze" their consumer report. In essence, if a consumer

                                      Page 20 of 32
                                Attachment B-1

freezes his report, no new transaction that relies on the consumer report, i.e.,
extension of credit, issuance of life insurance, pre-employment screening,
etc., could be conducted without the consumer removing this freeze. In order
to facilitate the freeze, the consumer is required to notify the consumer
reporting agencies by certified mail instructing the reporting agency not to
release the consumer's report for new transactions until further notice by the
consumer. Once the consumer reporting agency receives this request from
the consumer to freeze, they must provide the consumer with a Personal
Identification Number (PIN) which would allow the consumer to request
their report be unfrozen for either a specific period of time or for a specific
business or lender. This legislation was signed into law in September of
2001, and gives the consumer reporting agencies until the year 2003 to
implement the technology and procedures required to come into compliance
with the legislation. We are unable, at this point, to determine if the
potential to eliminate identity theft is outweighed by the negative
commercial consequences reported to us by the credit reporting industry.
Nevertheless, we believe Florida's citizens should have this same protection
and security. We urge the legislature to study this issue to determine if
similar legislation in Florida is needed.

III. SUMMARY OF RECOMMENDATIONS
SECURITY OF DRIVER LICENSES
     Finding: a driver license or identification card can be obtained using
      identifying (breeder) documents that have been counterfeited or that
      do not belong to the person presenting them and the breeder
      documents are not properly validated
     Recommendation: DDL employ all techniques necessary to properly
      validate these documents not only to establish that they are
      government issue but that they belong to the person who is presenting
      them as their own. In order to accomplish this, access to various
      online verification systems and better document analysis training is
      needed.
     Finding: certain driver license examiners have participated in the
      fraudulent issue of driver licenses and identification cards
     Recommendation: DDL enforce policy that more than one examiner
      be involved in the driver license or identification card issuance
      process
     Finding: corrupt driver license examiners were sought out by identity
      thieves in order to secure a fraudulent driver license or identification

                                      Page 21 of 32
                              Attachment B-1

    card
   Recommendation: DDL enforce a policy requiring DL Examiners to
    rotate stations periodically during the day so they do not have the
    ability to take the applicant through the process from start to finish.

   Finding: the Florida Highway Patrol currently has only 12
    investigators assigned to, among other things, the investigation of
    driver license fraud
   Recommendation: FHP expand their investigative unit and assign
    more investigators to the investigation of driver license fraud

   Finding: during identity theft and driver license fraud investigations,
    it is often difficult if not impossible for the investigator to determine
    what identifying documentation was provided by the applicant since
    there is no copy of the document retained by DDL.
   Recommendation: DDL photocopy or scan all identification
    documents presented and retain them with the application.
   Current Status of Recommendation: the DDL has identified this as
    being an area of concern and is in the process of taking steps to
    implement this recommendation

   Finding: address provided by the applicant intent on committing
    fraud is often an invalid address.
   Recommendation: implement address verification by requiring
    documentary proof from the applicant or through online database
    verification of the address provided
   Current Status of Recommendation: DDL has recognized this as
    being an area of concern and has included it in their Strategic Plan.
   Finding: DDL's current address change procedures are susceptible to
    fraud
   Recommendation: DDL send a letter to the last address on file
    confirming the address change.

   Finding: DDL does not require a fingerprint be placed on the initial
    application for a driver license or identification card so that fingerprint
    verification could be performed on subsequent transactions. The lack
    of fingerprints hampers the investigation of identity theft complaints
    and hurts the victim's efforts in clearing their good name.
   Recommendation: DDL begin requiring a fingerprint from the
    applicant and retain the print electronically with the DL Record
                                    Page 22 of 32
                             Attachment B-1


   Finding: Some applicants do not possess all of the required
    documents, or that the possessed documents are of such a nature that
    they do not lend themselves to immediate authentication and
    verification at the time of application
   Recommendation: that DDL issue a temporary driving permit that is
    not valid for identification, to an applicant with questionable
    documentation until documents are able to be provided and verified or
    other questions are resolved.
   Status of Recommendation: DDL is currently implementing a limited
    version of this recommendation in that they have begun issuing a 30
    day driving permit for foreign nationals to allow for additional time to
    validate their provided documents

   Finding: Supervisor involvement is not mandated when questionable
    documents are presented
   Recommendation: DDL mandate supervisor intervention and
    approval on transactions where questionable documents or
    applications are placed in front of the examiner

   Finding: Some citizens of Florida wish to have more control over
    their DL for the prevention of identity theft and fraud and are willing
    to endure additional restrictions in order to safeguard their
    information
   Recommendation: DDL allow an applicant to place a password or
    PIN number on their DL file for future use and verification. If a
    license holder has activated this feature on their driving record, any
    subsequent transaction conducted by that license holder would require
    the entry of their PIN number or password. PIN or password should
    not be encoded on the driver license or identification card itself.

   Finding: excessive longevity of the driver license compromises the
    ability of new security features to be effective
   Recommendation: driver license and identification card renewal
    process should be limited to two renewals every 3 years. The first
    three year renewal can be conducted via the mail or the Internet,
    however, the subsequent renewal should require the holder to appear
    at a driver license office and secure a new driver license or
    identification card.


                                   Page 23 of 32
                              Attachment B-1

   Finding: Current card stock and laminate (media) used for the DL
    and ID card is susceptible to erasure and other modifications
   Recommendation: the media used for the creation of the driver
    license and identification card should be of such a nature that it is
    extraordinarily difficult to alter, fabricate, or unlawfully duplicate.

   Finding: no security feature is effective if the technology and media
    used to produce the card is not protected from theft and other forms of
    compromise
   Recommendation: security features and inventory controls must be
    implemented and enforced to protect the card stock, laminates and
    other equipment and technology needed for the production of driver
    licenses and identification cards.

   Finding: no single security feature can act as a panacea to prevent
    fraud
   Recommendation: DDL implement multiple security features to deter
    compromise. Such as:
        embossed or imbedded lettering to prevent erasures or
          tampering;
        two dimensional bar code with sufficient authentication
          information contained therein for scanning by law enforcement;
        use of magnetic stripe or other like technology that would be
          accessible by merchants and the financial industry;
        use of smart chips and other smart card technologies;
        use a unique font;
        ink color and multi-color arrangement of text;
        continued use of micro printing;
        use of high quality ultraviolet ink on the front and rear of the
          license;
        use of ghost imaging, or a secondary photograph of the holder;
        use of a multiple-layered holograms, preferably 3 D, with
          embedded image of driver
        unique card stock that is subject to regulation

   Finding: identity thieves were able to secure from the DDL multiple
    licenses with their photographs under different names,
   Recommendation: employ technology to automatically scan database
    for duplicate digital images on different DLs or ID cards to
    immediately identify individuals who hold multiple licenses or
                                    Page 24 of 32
                             Attachment B-1

    identification cards under different names

   Finding: the required Social Security number is not subject to
    validation by DDL
   Recommendation: conduct online verification of social security
    number via an electronic connection with the Social Security
    Administration
   Status of Recommendation: the DDL currently has a contract
    pending approval by the SSA to provide online access for verification

   Finding: wanted persons routinely transact business at the various
    driver license offices unbeknownst to DDL or law enforcement
   Recommendation: implement a procedure to allow for the electronic
    sharing of information between the driver license database and the
    FDLE so they can then compare this data with the various state and
    federal criminal information databases to check for warrants and alert
    law enforcement when a wanted person or suspected terrorist applies
    for or obtains a driver license or identification card.

   Finding: some private driving schools and third party testers for
    commercial driver licenses are committing fraud by falsifying
    documentation
   Recommendation: new procedures be developed with regard to
    private driving schools and commercial driver license schools to
    subject them to stricter state regulation and routine audit and
    investigation.

   Finding: Driver License Offices are not routinely assigned uniformed
    law enforcement
   Recommendation: assign law enforcement to the driver license
    examination offices to provide security for people and property and to
    act as a deterrent to fraud.

   Finding: current magnetic stripe on DL and ID card is being
    underused by law enforcement and the private sector:
   Recommendation: DDL publicly encourage both law enforcement
    and the private sector to secure the necessary card readers in order to
    read the magnetic stripe and the provided information.

   Finding: Private sector has no access to any online verification

                                   Page 25 of 32
                                Attachment B-1

       provided by the DDL to validate the provided ID or DL
      Recommendation: develop and deploy limited access to the DDL
       database that would allow for a merchant or financial institution to
       verify the driver license information

   Finding: Florida has one of the lowest driver license fees in the
    nation and, in fact, charge below cost for a standard driver license
    issuance. Necessary security enhancements to the DL and ID card will
    increase the cost of a new license
   Recommendation: pass on the cost increase of the new security
    features to the user of the services, the DL and ID card holders, by
    raising the license fees to cover the costs.
SECURITY OF PERSONAL INFORMATION
   Finding: personal identifying information received by financial
    industries is treated as the property of the recipient
   Recommendation: change business practices to reflect that the mere
    act of providing personal identifying information as a condition of
    obtaining credit or services should not be presumed as granting the
    recipient the right to sell or disclose it for an unrelated purpose.

      Finding: the financial industry routinely sells and discloses personal
       identifying information of the customer unless the customer
       affirmatively objects
      Recommendation: the financial industry be prohibited from selling or
       disclosing personal identifying information without the express
       permission of the customer

      Finding: Personal identifying information is being collected by
       government agencies and disseminated pursuant to public records law,
       and the citizen has no right to object.
      Recommendation: amend Chapter 119, Florida's Public Records Law,
       to exempt, absent consent of the citizen, a court order or a compelling
       need, personal identifying information of citizens, including but not
       limited to social security numbers, birth dates, driver license numbers,
       phone numbers, mother's maiden name, bank account numbers, and
       credit card numbers.

      Finding: Personal identifying information is being disseminated
       without accountability as a part of a public record even though it is
       now subject to some exclusion or protection.
                                      Page 26 of 32
                                Attachment B-1

      Recommendation: amend Chapter 119 to hold an agency or
       individual accountable for releasing exempted personal identifying
       information along with a public record

      Finding: The public and private sectors routinely use and rely on the
       consumer's social security number for use as an identifier and an
       account number
      Recommendation: prohibit the use of social security numbers for
       independently generated identifiers to track customers, patients,
       policies, etc., unless required by law.

   Finding: The DDL currently sells and makes available driver license
    information unless the driver specifically asserts to DDL that they do
    not want their information shared. In spite of this "opting out", Florida
    Statutes still lists 19 entities that can get the information
   Recommendation: Florida law be changed so that DDL can only
    share information if the driver specifically grants their permission to
    do so and the list of 19 entities that are still entitled to the information
    be examined and unless a compelling reason exists to grant them
    access to the information, they be eliminated from the list.
VICTIMS OF IDENTITY THEFT
   Finding: some law enforcement agencies are reluctant to take identity
    theft complaints and do not generate reports in some cases
   Recommendation: all law enforcement agencies be required to
    generate a report on identity theft complaints regardless of their
    subsequent decision on whether or not they will investigate the case

      Finding: there is no centralized location to which Florida victims of
       identity theft can report the crime to
      Recommendation: create and fund a statewide clearing house for
       identity theft complaints or expand the existing database created by
       the Strike Force on Fraudulent Entities (SAFE) initiative to
       accomplish this goal.

      Finding: very few law enforcement officers receive specific training
       in the recognition and investigation of identity theft cases
      Recommendation: each department should have officers specially
       trained on how to recognize and investigate identity theft cases
      Finding: many victims of identity theft do not know what to do to
       clear their names after their identity is stolen,
                                      Page 27 of 32
                              Attachment B-1

   Recommendation: a standardized victim brochure be provided by law
    enforcement to the victim to give victims a checklist of procedures to
    follow after filing the police report

   Finding: Consumer education is highly effective in minimizing
    identity theft
   Recommendation: that every government agency work together to
    develop and disseminate public service announcements on practical
    ways to deter identity theft.

   Finding: the extension of credit normally relies on information
    contained within a consumer credit report. Credit grantors do not
    always honor or comply with the instructions or directions given in
    the fraud alert that has been placed on the report
   Recommendation: better policies and practices be implemented by
    credit grantors to honor and abide by the instructions provided to them
    in a fraud alert

   Finding: fraud alerts that victims of identity theft place on their credit
    files are limited to 90 days in duration
   Recommendation: victims of identity theft be allowed to place
    permanent fraud alerts on their credit reports

   Finding: California has recently enacted legislation that would allow
    a consumer to "freeze" their credit report or consumer report.
    Consumer Reporting Agencies have until the year 2003 to comply
   Recommendation: that the credit reporting agencies determine the
    effectiveness of the new California credit freeze legislation in
    preventing identity theft and, if effective, grant those same rights to all
    consumers, regardless of location.
   Further Recommendation: that the Florida Legislature study the
    viability of this legislation in Florida.

   Finding: there is no uniformity among the credit bureaus or consumer
    reporting agencies as to what documentation is required to remove
    fraudulent information from the consumer's report
   Recommendation: credit reporting agencies standardize their
    procedures as to what documentation and verification a victim of
    identity theft must provide in order to remove the fraudulent
    information

                                    Page 28 of 32
                                Attachment B-1

      Status of Recommendation: credit reporting agencies have recently
       implemented a policy that accepts any police report indicating identity
       theft as prima facie evidence that the information is fraudulent and
       blocks that information from disclosure

     Finding: many individuals become aware that they have been victims
      of fraud or identity theft by reviewing the information contained
      within their credit report. The Fair Credit Reporting Act allows states
      to require the credit reporting industry to provide up to two free credit
      reports per year to that state's citizens. Florida law does not currently
      require this
     Recommendation: the Legislature should require the credit reporting
      industry to provide citizens of Florida with two free credit reports per
      calendar year.
IV. CONCLUSION
When we embarked on this inquiry, we had no idea how complex,
provocative, and stimulating this subject would become for us. We have
deliberated and debated amongst ourselves, called for a great deal of
testimony and legal advice, and asked many pertinent and relevant questions.

By the issuance of this report, we urge all Florida's citizens to take the issue
of identity theft seriously, to keep their personal information inviolate, to
support the work of government officials in limiting the intake and
subsequent availability of our personal identifying information, and to foster
the necessary relationship between the private financial industry and law
enforcement to facilitate the successful investigation and prosecution of
cases of identity theft. We, the members of the Sixteenth Statewide Grand
Jury, believe that to combat and defeat the identity thief requires a group
effort and partnership between the citizenry, the public and the private sector
and the devotion of adequate resources to make these investigations and
prosecutions successful. We believe that resources, accountability, and
cooperation are the keys to success. As we end this part of our inquiry and
issue this interim report, we are optimistic that Florida's government
officials, private and commercial entities, and ordinary citizens will answer
this call.

THIS REPORT IS RESPECTFULLY SUBMITTED to the Honorable Alice
Blackwell White, Alternate Presiding Judge of the Sixteenth Statewide
Grand Jury, this _____ day of January, 2002.

                                      Page 29 of 32
                              Attachment B-1


_________________________________
KEVIN F. MORRIS
Foreperson
Sixteenth Statewide Grand Jury of Florida

I, MELANIE ANN HINES, Statewide Prosecutor and Legal Adviser,
Sixteenth Statewide Grand Jury of Florida, hereby certify that I, as
authorized and required by law, have advised the Grand Jury which returned
this report on this _____ day of January, 2002.

________________________________
MELANIE ANN HINES
Statewide Prosecutor
Legal Adviser
Sixteenth Statewide Grand Jury of Florida

I, OSCAR GELPI, Special Counsel and Assistant Legal Adviser, Sixteenth
Statewide Grand Jury of Florida, hereby certify that I, as authorized and
required by law, have advised the Grand Jury which returned this report on
this _____ day of January, 2002.

_______________________________
OSCAR GELPI
Special Counsel
Assistant Legal Adviser

I, THOMAS A. SADAKA, Special Counsel and Assistant Legal Adviser,
Sixteenth Statewide Grand Jury of Florida, hereby certify that I, as
authorized and required by law, have advised the Grand Jury which returned
this report on this _____ day of January, 2002.

_______________________________
THOMAS A. SADAKA
Special Counsel
Assistant Legal Adviser
                                  ORDER
This Report is ordered sealed until the requirements of Section 905.28,
Florida Statutes, have been met. Upon written motion of the Legal Adviser,

                                    Page 30 of 32
                                Attachment B-1

the Court will address the issue of publication. Further, upon the Legal
Adviser's oral motion for disclosure for the purposes of furthering justice, the
Legal Adviser is authorized to disclose the testimony and proceedings
recounted in the foregoing document in furtherance of the criminal
investigative and civil administrative responsibilities of the Sixteenth
Statewide Grand Jury.

______________________________________
Alice Blackwell White
Alternate Presiding Judge
Sixteenth Statewide Grand Jury of Florida
Dated: ________________________________


STATEWIDE GRAND JURY REPORT
IDENTITY THEFT IN FLORIDA
APPENDIX A

RECENT AND SIGNIFICANT ACCOMPLISHMENTS
TO COMBAT IDENTITY THEFT IN FLORIDA
   The creation of the Governor's Privacy and Technology Task Force
    whose appointed members heard testimony and generated a report in
    December of 1999 on issues related to privacy and identity theft.
   The Florida Legislature embraced the recommendations of the
    Governor's Privacy and Technology Task Force and passed
    enhancements to Florida's identity theft statute, §817.568, to make it
    one of the strongest in the country.
   The creation of a statewide task force within the Florida Department
    of Law Enforcement to target identity theft.
   The establishment of what has become a nationally recognized
    Identity Theft Prosecution Unit within the Office of Statewide
    Prosecution.
   The devotion of resources for the training of Florida prosecutors and
    law enforcement officers on issues related to the investigation and
    prosecution of identity theft cases.
   The legislative appropriation of funds to study and report On Design
    Methods and Procedures to Make the Florida Driver License and
    Identification Card More Resistant to Tampering and Counterfeiting.
   The formation of a multi-disciplined focus group to study security


                                      Page 31 of 32
                          Attachment B-1

features of the Florida Driver License and Identification Card to make
it one of the most secure driver licenses and identification cards in the
country.




                               Page 32 of 32

				
DOCUMENT INFO
Description: State of Florida Reporting Contract Fraud Against Consumers document sample