I want to update you on our work to prevent identity theft, ensure credit report accuracy, and protect consumer privacy. In July, despite our best efforts and thousands of e-mails from supporters like you, the U.S. House Financial Services Committee overwhelmingly approved legislation (HR 2622) that would permanently bar states from enacting most state privacy laws that are stronger than federal law through a process known as preemption. Although this legislation includes modest improvements to federal identity theft protections, its permanent bar on state authority is unacceptable.

Now, however, the stakes are even higher. In August, after a hard-fought 4 year campaign, CALPIRG and other groups, including AARP and Consumers Union, successfully passed the nation's strongest financial privacy law through the California legislature, despite a multi-million dollar bank industry campaign against it.

But unless the Senate amends the House bill, most of California's new financial privacy law could be thrown out in court.

Please take a moment to urge your U.S. Senators to support strong federal legislation that protects consumers from identity theft and credit reporting errors but doesn't prevent states from passing even better laws, especially financial privacy laws. Then, ask your family and friends to help by forwarding this e-mail to them.

To take action, click on this link or paste it into your web browser: pirg.org/alerts/route.asp?id=6&id4=OHFreep

BACKGROUND

Identity theft is a growing crime affecting hundreds of thousands of Americans, but the financial industry wants to restrict states' efforts to prevent identity theft and prevent states from passing better laws to clean up credit report errors. Mistakes in credit reports leave consumers with deflated credit scores and inflated interest rates on their mortgages and credit cards, unfairly costing them thousands of dollars.

These problems are finally being debated in Congress this year, but only because the financial industry wants Congress to extend a temporary limit that will expire at the end of the year on the authority of states to pass stronger credit accuracy and identity theft laws.

The 1970 Fair Credit Reporting Act (FCRA) regulates credit bureaus. In 1996, Congress amended the law to make it easier to fix mistakes and added new provisions intended to ensure that department stores, banks and credit card companies protect the accuracy and privacy of consumer records. At the same time, Congress enacted a temporary limit that preempted states from taking most actions to strengthen the law until January 1st, 2004.

Unfortunately, the reforms in the 1996 Fair Credit Reporting Act haven't worked to stop mistakes, and identity theft has skyrocketed.

Identity theft led all consumer complaints to the Federal Trade Commission (FTC) each of the last three years. Worse, complaints doubled in 2002. An astonishing 380,000 citizens contacted the Federal Trade Commission in 2002, reporting fraud losses of over $343 million. According to a recent report, the average victim spends 175 hours and $808 out-of-pocket removing an average of $17,000 in fraudulent accounts from their credit report.

Identity theft is made easier by sloppy credit granting practices. Although Congress made identity theft a felony in 1998, since then it's done nothing else. And banks and credit card companies oppose laws that would hold them responsible when they make mistakes.

A recent major study of 500,000 consumers by the Consumer Federation of America found that nearly one-third had differences in their credit reports held by the three leading credit bureaus that would cause a 50-point different in their credit scores. The Consumer Federation of America conservatively estimates that up to 8 million Americans would wrongly be classified into the expensive, sub-prime credit markets.

In 1999, Congress passed the Gramm-Leach-Bliley Act, which allows banks to merge with insurance companies and stock brokers and essentially encouraged members of the same corporate family to share customers' financial information. This law does require companies to give consumers notice of their privacy policies, but provides consumers only a limited right to say no or opt-out of having financial information shared with some third parties, primarily telemarketers. Consumers have no right through federal law to stop members of the same corporate family and most third parties from sharing their confidential financial information. However, the Gramm-Leach-Bliley Act did give states the right to pass stronger financial privacy laws.

In our view, the states are "laboratories of democracy" that can react more quickly to solve problems. Time after time, several states act to solve a problem, industry voluntarily adopts state reforms nationwide, and then Congress raises the federal standard. But it is rare that Congress acts to protect consumers if states aren't allowed to pass their own laws. Recognizing this, the financial industry prefers that federal law preempt state law.

Several states have tried to enact stronger financial privacy laws using that right granted by the Gramm-Leach-Bliley Act. North Dakota and Vermont have passed laws that protect against sharing customers' financial information with third parties, and California has become the first state to also protect against sharing customers' financial information among the hundreds or thousands of corporate affiliates a company may have.

The new California financial privacy law, championed by State Senator Jackie Speier, is expected to be signed by Governor Davis. It would require banks to get your express consent (ask you to agree or opt-in) before sharing your confidential financial information with most third parties, including telemarketers. Banks would have to ask your permission (give you the right to say no or opt-out) before sharing your information with most members of their corporate family, known as affiliates. These protections are substantially stronger than federal law, which has no protections at all (neither an opt-in nor opt-out) for all sharing of your confidential records (what you buy with your credit card, your bank balances, etc) with affiliates and also for most sharing with third parties.

But the financial industry wants Congress to permanently extend the Fair Credit Reporting Act preemption that prohibits states from passing stronger privacy laws than the federal government because it believes it will be able to reverse most of the new California law in the courts if it does so. It has a strong legal case, and is spending millions to prevail in the Congress.

In an effort to guarantee passage of a permanent extension of the law preempting states' rights, the financial industry has agreed only to support token reforms that are designed to comfort victims but are not adequate to stop the sloppy creditor practices that lead to both identity theft and credit report errors in the first place.

Please take a moment to urge your U.S. Senators to support strong federal legislation that protects consumers from identity theft and credit reporting errors but doesn't prevent states from passing even better laws, especially financial privacy laws. Then, ask your family and friends to help by forwarding this e-mail to them.

To take action, click on this link or paste it into your web browser: pirg.org/alerts/route.asp?id=6&id4=OHFreep

Sincerely,
Erin Bowser Ohio PIRG Advocate