A Privacy Bill, or Else

Californians get what Washington doesn’t: Individual privacy faces an unprecedented assault, with one survey suggesting that last year alone, 7 million consumers fell victim to identity theft. It’s gotten so bad that federal authorities employ a word -- “phishing” -- to describe the practice by high-tech criminals of sending official-looking e-mails, ostensibly from EBay or some other company, to gull unsuspecting consumers into giving up data that make identity theft a breeze. At the same time, insurers, banks and investment firms are building huge databases and selling consumer information to the highest bidder.

Congress, given the chance to tackle these burgeoning invasions of privacy, has blundered. In its recent review of the Fair Credit Reporting Act, a key consumer protection law, the House Financial Services Committee embraced a provision to bar California and other states from enforcing privacy rules tougher than Uncle Sam’s anemic regulations.

The committee did propose to make it easier for identity-fraud victims to clear their names. But business lobbyists stopped proposals to restrict the use of Social Security numbers in financial documents and let consumers opt out of receiving unsolicited marketing messages.

The credit act will come up for another, separate review by the Senate, where privacy advocates hope the issue will get better handling. Considering the sharp escalation in identity theft cases -- a survey by the technology consulting firm Gartner Inc. estimated that identity theft rose 80% in 2002 to 7 million victims -- federal and state lawmakers need to keep privacy rules at the fore.

Californians, whose state Constitution lists privacy as an inalienable right, should insist that their lawmakers quickly reconsider SB 1, a privacy bill introduced by Sen. Jackie Speier (D-Hillsborough); it died in Assembly committee after an all-out assault by the financial services industry.

The ferocity of the opposition to the temperate SB 1, which would have required Californians to give written approval before their personal financial information could be sold or shared with third-party businesses, was shortsighted and may cost industry more than it gained from its short-term victory. If Sacramento fails to act by Aug. 19, sponsors of a privacy rights ballot initiative will drop 550,000 already-gathered signatures on the secretary of state’s desk. That would clear the way for a March vote on whether to give Californians much stronger control over the release and sale of their private financial data.

Whether by legislation or ballot initiative, Californians are sending a loud message that they want their privacy protected. And that very public call, as with many matters in this bellwether state, will resonate around the country and across political party lines. Just how soon, though, before Washington hears and gets the message?