Privacy law may finally take effect

State legislators clarify intent of consumer-protection statute in response to complaints by national credit-reporting firms.

By H.J. CUMMINS, Star Tribune

February 19, 2008 — 8:49pm

Legislators took their third swing at consumer-privacy protections on Tuesday, amending a law they put on the books two years ago but that hasn't been implemented because of business objections.

At issue is a list of outlawed uses of Social Security numbers, the unique personal identifier at the center of many privacy disputes because of its value both to businesses and to identity thieves.

National credit-reporting agencies have warned that if the law takes effect as scheduled on July 1, they will stop doing business in Minnesota, said Sen. Don Betzold, DFL-Fridley.

They objected to a section that makes it illegal to sell Social Security numbers. They told Betzold they believe the ban covers any document that is sold that contains an individual's name and Social Security number -- including the credit reports they sell to lenders, mortgage brokers and credit-card companies.

On Tuesday, Betzold told the Senate Committee on Commerce and Consumer Protection that he doesn't interpret the law to extend to that. But he proposed, and the committee approved, amended language to exclude it.

The bill now goes to the Senate Judiciary Committee. The House must also adopt the changes, or the original language will apply when the law takes effect July 1.

Representatives from business group including the Minnesota Bankers Association and the Consumer Data Industry Association spoke in favor of Betzold's changes.

Privacy advocate Rich Neumeister said his continuing concern is that the law allows the attorney general, but not individual consumers, to enforce it.

"Is it really doing anything, when they take out individual remedies?" Neumeister said.

Work on the legislation, designed to protect consumers from identity thieves, goes back several years. The law bans practices including: requiring consumers to send their Social Security numbers across the Internet; requiring they use their numbers on any kind of business password; and printing their numbers on customer mailings.

It passed the Legislature in 2006 with a July 2007 effective date to give businesses time to prepare for the changes, Betzold said. Continuing disagreement over the language last year prompted legislators to delay implementation for another 12 months.

Legislators and privacy advocates said they interpreted the sale ban to cover organizations selling lists of Social Security numbers, to business solicitors, for example.

But Stacia Smith, manager of privacy policy at the Minnesota Chamber of Commerce, said financial institutions had their doubts.

"We agree we shouldn't have any ability to package up Social Security numbers, so if the bill refers only to that transaction, we completely support it," Smith said.

Businesses' other concern is jeopardizing their use of Social Security numbers to confirm the identities of consumers, she said. Other suggestions, such as truncated Social Security numbers, are not as reliable, she said.

H.J. Cummins • 612-673-4671

StarTribune

Privacy law may finally take effect

Trump could avoid trial this year on 2020 election charges. Is the hush money case a worthy proxy?

As Blinken heads to China, these are the major divides he will try to bridge

What to know about the Supreme Court case about immunity for former President Trump

Pennsylvania's primary will cement Casey, McCormick as nominees in battleground US Senate race

Mississippi lawmakers move toward restoring voting rights to 32 felons as broader suffrage bill dies