Here's a quote from the article:
With a reported 25 percent increase in reported cases of identity theft in 2008, U.S. Sen. Charles Schumer is pushing legislation intended to increase the criminal penalties for offenders and take action to protect consumers.
The Personal Data Privacy and Security Act, sponsored by Sen. Patrick Leahy, D-Vt., would address the fundamental ways that information gets into the hands of evildoers and penalize companies who are lax in notifying people that their information has been compromised.
Schumer relayed the story of Albert Gonzalez, a 28-year-old former government informant who recently pleaded guilty to identity theft charges after being accused of stealing millions of credit and debit card numbers from national retailers.
At the time of his arrest, authorities reported that he was driving around Miami with a laptop computer looking for open networks at retail stores to hack into. He then stole and sold the numbers which were used for various fraudulent transactions around the world.
In addition to the charges he plead in the New England area, additional charges are pending in a number of other states.
"Right now, there is a patchwork of local, state and federal laws dealing with identity theft but it isn't adequate," Schumer said.
"This bill would provide comprehensive protection for consumers and stiffer penalties for offenders. Some of these people are stealing upwards of a million dollars and getting a year in prison, turning around and doing it again because its lucrative."The rest of the article can be found at http://post-journal.com/page/content.detail/id/540081.html?nav=5018.
Senator Schumer, if you want companies to comply with whatever law you help get passed, then you'd better include private enforcement (i.e. a right for private individuals to sue non-complying companies whose violations cause them damage). Otherwise, the law will be useless and better off not passed, since its passage will likely preempt state laws that do provide for private enforcement.