Anti-Phishing Bill Likely To Be Reintroduced In Congress
Legislation to make Internet phishing a crime was lost in the shuffle and failed to win passage in Congress last year but will have another chance with lawmakers in 2005.
In July of last year, Sen. Patrick Leahy, D-Vt., the ranking member of the Senate Judiciary Committee, introduced Senate Bill 2636, also known as the Anti-Phishing Act of 2004.
“Phishing is a rapidly growing class of identity theft scams on the Internet that is causing both short-term loses and long-term economic damage,” he said while introducing his bill on the Senate floor. “In the short term, these scams defraud individuals and financial institutions. Some estimates place the cost of phishing at over $2 billion just over the last 12 months. Just imagine the concern we would all have about a series of bank robberies involving that much money.”
Leahys bill would have made the establishment of a Web site or domain name purporting to be a legitimate business with the intent of committing acts of fraud and without the consent of that business a crime. Use of that Web site to seek personal information from individuals also would be a crime. The decision to include the intent requirement was made with respect to First Amendment concerns, Leahy said while introducing the bill, to protect speech that may be deceptive for other reasons, such as a parody of a commercial site as political commentary.
The bill also would have made it illegal to send a message over the Internet purporting to be another, legitimate business, or to include in that message a link to a fraudulent Web site or request for personal information. Under the proposed legislation, these crimes would be punishable by a fine or up to 5 years in prison.
The measure was referred to the Judiciary Committee but went no further. Its failure to win passage was not a reflection of the bill, however, but of the circumstances of 2004, according to David Jevans, chairman of the Anti-Phishing Working Group, an advocacy group sponsored by a number of financial services and software firms that worked with Leahy on the phishing issue.
The 2004 bill “ran out of time, and then we had an election,” Jevans said. “It was really, purely a time issue.”
A spokesman for Leahy said the senator planned to introduce legislation either identical or very similar to the 2004 bill in the new Congress soon but was unable to provide a specific timetable.