Identity Theft Act
By: Jasmine Saifkani
What is it?
The Identity Theft Penalty Enhancement Act amends the federal criminal code to establish penalties for aggravated identity theft in addition to the existing punishments for related felonies. The act adds two years to prison sentences for “knowingly transferring, possessing, or using, without lawful authority, a means of identification of another person” during and in relation to specified felony violations.
Who is affected?
Unlike most other privacy and identity theft protection
measures which set out rules to safeguard information,
this law is intended to punish those who misuse
information and therefore affects all U.S. residents.
How can we prevent it?
According to a study by the University of Michigan,
as much as 70 percent of all identity theft cases involve
people inside companies. Companies that implement
safe information handling practices play an important
role in keeping identifying information out of the hands
of criminals. Companies should consider how and what
information they collect, the policies in place to ensure
secure storage, who has access to personal information,
protocols for sharing and disclosing information, and
the company’s practices for disposing of confidential
When was the act passed?
Introduced: Apr 10, 2003 (108th Congress, 2003–2004)
Status: Enacted — Signed by the President on Jul 15, 2004
Law: This bill became the law numbered Pub.L. 108-275.
In July 2004, President Bush signed legislation passed by Congress in response to the growing problem of identity theft as more and more Americans use the Internet to shop and manage their personal finances.