Home
home
 
 
CBA Publications
Latest Banking News
California Banker
Federal PAC Fundraising Guide
Community Banker
Compensation Survey
Corp Governance Bulletins
Grassroots Update
Legislative Summary
Monday Courier
Regulatory Compliance Bulletins
BOLI Resources
   
 

CBA Publications >> CBA Regulatory Compliance Bulletin >> Vol 2001 No. 18, December 10, 2001

Vol 2001 No. 18, December 10, 2001

California Identity Theft Bill II

In an earlier bulletin (no. 15), CBA analyzed a new identity theft bill, SB 168, which permits a consumer to alert a credit reporting agency (CRA) of potentially fraudulent activities involving the consumer's credit information and to block access to a report. Another bill signed into law, AB 655, provides consumers with further protections against identity theft. It mostly affects CRAs, but also includes provisions directly applicable to creditors.

Definitions. The bill provides the following definitions:

Identity theft means the unauthorized use of another person's personal identifying information to obtain credit, goods, services, money, or property.

Personal identifying information means a person's name, address, telephone number, driver's license number, social security number, place of employment, employee identification number, mother's maiden name, demand deposit account number, savings account number, or credit card number.

Victim of identity theft means a person who had his or her personal identifying information used without authorization by another to obtain credit, goods, services, money, or property, and did not use or possess the credit, goods, services, money, or property obtained by the identity theft, and filed a police report in this regard pursuant to Section 530.5 of the Penal Code (which makes identity theft a crime).


Creditor provisions.

Confirmation of address. Under the new bill, if a creditor discovers that the address on the consumer credit report does not match the address of the credit applicant, the creditor must take reasonable steps to verify its accuracy and confirm that the credit transaction is not the result of identity theft. The creditor must do so by contacting the consumer by telephone or by mail for confirmation.

Sale of credit. A creditor may not sell a consumer debt, including to a collector, if the consumer's file with a CRA is blocked with respect to that debt (pursuant to SB 168) or if the consumer has provided the creditor with information in writing that the consumer is not obligated to pay because of identity theft. The information supplied by the consumer is deemed to be sufficient if it gives the creditor "reasonable grounds to determine that consumer's statement of identity theft is not frivolous." This restriction does not apply to the sale of a debt to the creditor's subsidiary or affiliate.

Verification before extending credit. If a creditor receives a "clearly identifiable notification" from a CRA that information in a report of a prospective borrower has been blocked, the creditor may not extend credit without taking reasonable steps to verify the borrower's identity and to confirm that the credit transaction is not the result of identity theft. Note, however, that neither SB 168 nor this bill prescribes procedures or even an obligation by a CRA to notify users of an alert or freeze on a report.


CRA provisions. With respect to CRAs, AB 655:

permits a consumer to request to be removed from lists that a CRA furnishes for credit card solicitations;

requires CRAs to block certain information in a report when a consumer provides a valid copy of a Department of Motor Vehicles investigative report indicating that another person has unlawfully used the consumer's personal identifying information;

establishes procedures regarding the unblocking of certain information by a CRA after an allegation of identity theft by a consumer, and permits a CRA to disregard a consumer's version of disputed information under specified conditions;

requires a CRA to delete from a report those inquiries for credit reports that were initiated as the result of identity theft;

creates a cause of action for victims of identity theft against any person who fails to comply with the bill, and a cause of action, including a cross-claim action, against a "claimant," which is a person "who has or purports to have a claim for money or an interest in property in connection with a transaction procured through identity theft." In addition to actual damages, attorneys fees, and punitive damages of not more than $30,000, remedies available include declaratory relief that a debt is void and that any security interest is void, and other injunctive relief;

eases identity theft victims' ability to join defendants in a single action even where it is uncertain whether a particular defendant is liable under the new law; and

amends and expands provisions governing the generation and use of investigative consumer reports.

AB 655 is effective on January 1, 2002. If you have any questions, you may contact CBA's lead lobbyist on this bill, James Clark, at 916-441-7377 ext. 209.

The information contained in this CBA Regulatory Compliance Bulletin is not intended to constitute, and should not be received as, legal advice.  Please consult with your counsel for more detailed information applicable to your institution.
   

CBA Regulatory Compliance Committee

Patricia A. Cantu (Chair), Mary Lou Bonkofsky, Janet Bonnefin, Lyndon Christensen, James Curtis, Vira Jo Denny, Michael Hood, Jeri Killian, Lynn Lawrence, Stuart J. Lehr, Garry Prosperi, Thomas E. McCullough, James Rockenbach, Christine Scott, Deborah Thoren-Peden, James Thvedt and Meg Troughton

Leland Chan, General Counsel
California Bankers Association 201 Mission Street Suite 2400 San Francisco California 94105-1839 
Tel (415) 284-6999ext. 214, Fax (415) 284-1521 
E-mail: lchan@calbankers.com
Return to top