The Local newsletter is your free, daily guide to life in Colorado. For locals, by locals. Sign up today!
Did you know that Colorado is one of two states in the country where identity theft is not a crime? The legislature is considering a bill to rectify the problem, but passage appears dubious.
For the second year in a row, lawmakers have scuttled proposals to make identity theft a felony, saying they don’t have enough money to prosecute and imprison the violators. Instead, the Legislature is considering whether to allow people to help protect their credit by putting a freeze on their information.The Perfect Gift For Everyone On Your List!Give a Gift Now »
Give One Year of 5280 for just $16.
However, because of objections from Gov. Bill Owens, it would no longer require companies to warn customers that their databases have been hacked, putting them at risk of being victimized.
Sen. Dan Grossman, D-Denver, said Monday he stripped that portion of the bill to avoid a veto because the governor thought it was a burden on business. The measure (Senate Bill 137) was given final approval by the Senate and sent to the House of Representatives.
Should Colorado follow California’s lead and enact a law the requires companies to notify customers when their databases have been hacked? Or would this proposal be sufficient?
Under the Colorado proposal, companies would still have to notify people who have requested credit history freezes if they have given out the information anyway. Those people would be able to sue for up to $10,000 in damages.
The bill allows people to block access to their credit history for no charge by sending a letter or e-mail or by telephoning their credit agencies. They can remove the freeze at anytime. For example, someone applying for a mortgage could lift the freeze to allow lenders to review their credit.
But will we even get that protection? Not if this Republican state senator has her way:
Sen. Norma Anderson, R-Lakewood, said she objected to forcing businesses to provide a service but not letting them charge for it.
I’m in favor of California’s solution. If a company has insufficient security measures in place to protect consumer information, why shouldn’t it pay for notification and remedial measures?