SRC-TAG S.B. 405 78(R) BILL ANALYSIS Senate Research Center S.B. 405 78R4461 KCR/RCJ-DBy: Hinojosa Criminal Justice 3/18/2003 As Filed DIGEST AND PURPOSE Currently, identity theft is one of the fastest growing crimes in the United States. In 2001, the Federal Trade Commission (FTC) ranked Texas outside the top ten states; in 2002, however, Texas rose to number three. As proposed, S.B. 405 improves the ability of law enforcement to combat identity theft, provides prevention measures, and assists victims in recovering from identity theft. RULEMAKING AUTHORITY Rulemaking authority is expressly granted to the Texas Department of Public Safety in SECTION 2.05 (Section 411.364, Government Code) of this bill. SECTION BY SECTION ANALYSIS ARTICLE 1 SECTION 1.01. (a) Amends Section 20.02(a), Business & Commerce Code, to establish that Section 20.35 is an exception to the provision of this section. (b) Amends Chapter 20, Business & Commerce Code, by adding Section 20.035, as follows: Sec. 20.035. DISCLOSURE CONCERNING IDENTITY THEFT. (a) Requires a consumer reporting agency that knows or should have known of suspicious activity related to a consumer's credit or other financial accounts to immediately disclose to the consumer in writing all information pertaining to the consumer in the agency's files as described by Section 20.03, regardless of whether the consumer requests the information. (b) Provides that for purposes of this section a consumer reporting agency, under certain circumstances, is presumed to know or have known of suspicious activity related to a consumer's credit or other financial accounts. (c) Provides that it is a defense to a civil action brought under this section that the consumer reporting agency made a good faith effort to make the disclosure required by Subsection (a) but was unable to locate the consumer. (c) Amends Section 20.04(b), Business & Commerce Code, as follows: (b) Prohibits a consumer agency from charging a fee for a disclosure of a consumer file required by Section 20.035. (d) Provides that this section applies only to conduct occurring on or after September 1, 2003. SECTION 1.02. (a) Amends Chapter 35D, Business & Commerce Code, by adding Section 35.58, as follows: Sec. 35.58. BUSINESS RECEIPT CONTAINING DEBIT OR CREDIT CARD INFORMATION. (a) Provides that this section does not apply to a transaction in which the sole means of recording a person's debit or credit card account number on a receipt or other document evidencing the transaction is by handwriting or by an imprint or copy of the debit or credit card. (b) Prohibits a person that accepts a debit or credit card for the transaction of business from using a cash register or other machine to print a receipt or other documents that evidences the transaction unless at least four digits of the cardholder's credit card account number are omitted from the receipt or document. (c) Provides that a person who violates this section is liable to the state for a civil penalty in an amount not exceeding $500 for each calendar month during which a violation occurs. Prohibits the civil penalty from being imposed for more than one violation that occurs in a month. (d) Authorizes the attorney general or the prosecuting attorney in the county in which the violation occurs to bring suit to recover the civil penalty imposed under Subsection (c). SECTION 1.03. Amends Chapter 35D, Business & Commerce Code, by adding Section 35.59, as follows: Sec. 35.59. RETAIL CREDIT CARD APPLICATION. (a) Requires a person engaged in the retail sale of goods or services that issues a credit card for use by a consumer to ensure that only persons who are supervisors or managers employed by the person process or otherwise have access to the consumer's credit card application. (b) Provides that a person who violates this section is liable to the state for a civil penalty in an amount not exceeding $1,000 for each violation. Authorizes the attorney general or the prosecuting attorney in the county which the violation occurs to bring suit to recover the civil penalty imposed by this section. (c) Authorizes the attorney general to bring an action in the name of the state to restrain or enjoin a business entity from violating this section. SECTION 1.04. Amends Chapter 392D, Finance Code, by adding Section 392.307, as follows: Sec. 392.307. VICTIM OF IDENTITY THEFT. (a) Requires a debt collector, upon receipt of a copy of a criminal complaint alleging the commission of an offense under Section 32.51 (Fraudulent Use or Possession of Identifying Information), Penal Code, and a copy of an accompanying police report from a consumer, to stop debt collection activities against the consumer on any debt incurred because of the use of identifying information in violation of that section. (b) Authorizes a debt collector to resume debt collection activities against the consumer under Subsection (a) only if the person charged with an offense under Section 32.51, Penal Code, is acquitted or the charge is dismissed; or the statute of limitations bars prosecution of the offense. SECTION 1.05. Amends Title 3Z, Finance Code, by adding Chapter 278, as follows: CHAPTER 278. THUMBPRINT SIGNATURE PROGRAM Sec. 278.001. DEFINITIONS. Defines "financial institution." Sec. 278.002. THUMBPRINT SIGNATURE REQUIRED TO CASH CERTAIN CHECKS. (a) Prohibits a financial institution from paying a check presented by a person who does not have an account with the financial institution unless the person provides the person's thumbprint on the check. (b) Provides that Subsection (a) does not apply to a check presented by a person whose physical condition makes taking the person's thumbprint impossible. Sec. 278.003. CIVIL PENALTY. (a) Provides that a financial institution that violates Section 278.002 is liable to the state for a civil penalty in an amount not exceeding $750 for each violation. Authorizes the attorney general or the prosecuting attorney in the county in which the violation occurs to bring suit to recover the civil penalty under this section. (b) Authorizes the attorney general to bring an action in the name of the state to restrain or enjoin a financial institution from violating this section. ARTICLE 2 SECTION 2.01. (a) Amends Chapter 2, Code of Criminal Procedure, by adding Article 2.28, as follows: Art. 2.28. REPORT REQUIRED IN CONNECTION WITH FRAUDULENT USE OR POSSESSION OF IDENTIFYING INFORMATION. (a) Requires a peace officer who investigates an alleged violation of Section 32.51, Penal Code, to make a written report that includes certain information. (b) Requires a peace officer, upon a victim's request, to provide the victim with the report created under Subsection (a). Requires the police officer providing the report, to redact any otherwise confidential information that is included in the report, other than the information described by Subsection (a). (b) Makes application of this Act prospective to September 1, 2003. SECTION 2.02. (a) Amends Chapter 13, Code of Criminal Procedure, by adding Article 13.28, as follows: Art. 13.28. FRAUDULENT USE OR POSSESSION OF IDENTIFYING INFORMATION. Authorizes an offense under Section 32.51, Penal Code to be prosecuted in any county in which the offense was committed; or the county of residence for the person whose identifying information was fraudulently obtained, possessed, transferred, or used. (b) Makes application of this Act prospective to September 1, 2003. SECTION 2.03. Amends Article 15.03, Code of Criminal Procedure, by adding Subsection (c), as follows: (c) Authorizes the magistrate, notwithstanding Subsection (a), to issue a warrant of arrest or summons based on a person's statement under oath alleging an offense under Section 32.41(Issuance of Bad Check), Penal Code, or alleging an offense under 31.03 (Theft), Penal Code, or 31.04 (Theft of Service), Penal Code committed by means of fraudulently issuing or passing a check or similar sight order for the payment of money, only if the person's statement indicates that two or more forms of the identification were required from the alleged offender at the time the check or similar sight order was accepted for the payment of the money. SECTION 2.04. Amends Subdivision 3, Article 56.01, Code of Criminal Procedure, to redefine "victim." SECTION 2.05. Amends Chapter 411, Government Code, by adding Subchapter L, as follows: SUBCHAPTER L. IDENTITY THEFT UNIT Sec. 411.361. DEFINITIONS. Defines "attorney representing the state" and "identity theft." Sec. 411.362. IDENTITY THEFT UNIT. (a) Requires the director to create an identity theft operated by the Department of Public Safety (DPS). (b) Requires the director to employ commissioned peace officers and noncommissioned employees to perform duties required by the unit. Sec. 411.363. DUTIES. Requires the identity theft to unit to encourage, assist, and initiate investigation regarding to identity theft. Sec. 411.364. RULES. Requires the DPS to adopt the necessary rules to implement this subchapter. SECTION 2.06. (a) Amends Section 32.51, Penal Code, by amending Subsection (d) and adding Subsection (f) as follows: (d) Authorizes the court to order the defendant to reimburse the victim for lost income or other expenses, including attorney's fee, rather than other attorneys' fees, incurred as a result of the offense, if it orders a defendant convicted of an offense under this section to make restitution to the victim of the offense. (f) Provides that for the purposes of this section, intent to harm or defraud another is presumed if the actor obtains, possesses, transfers, or uses the identifying information of six or more persons without the consent of those persons. (b) Makes application of this Act prospective to September 1, 2003. ARTICLE 3 SECTION 3.01. (a) Establishes that except as provided by Subsection (b), this Act takes effect September 1, 2003. (b) Provides that Section 1.02 of this Act takes effect January 1, 2004.