HOUSE DOCKET, NO. 760 FILED ON: 1/13/2009
HOUSE . . . . . . . . . . . . . . . No. 316
The Commonwealth of Massachusetts
In the Year Two Thousand Nine
An Act relative to identity theft in the commonwealth..
Be it enacted by the Senate and House of Representatives in General Court assembled, and by the authority of the same, as follows:
SECTION 1. Chapter 266 of the General Laws is hereby amended by adding the following section:-
Section 37F. Identity Theft Investigation
A person who has learned or reasonably suspects that his or hers personal identifying information has been unlawfully used by another, as described in section 37E of Chapter 266, may initiate a law enforcement investigation by contacting the local law enforcement that has jurisdiction over his or her actual residence, which shall take an identity theft police report of the matter, provide the complainant with a copy of that report, and begin an investigation of the facts. If the suspected crime was committed in a different jurisdiction, the local law enforcement agency must refer the matter to the jurisdiction’s local law enforcement agency where the suspected crime was committed for further investigation of the facts.
b) Any city, town, or district police department which requires an investigating police officer to make a report concerning an incident, offense or alleged offense investigated, or any arrest made, on a form provided by the department shall include on said form a space to indicate whether said incident, offense, alleged offense or arrest involved identity fraud as defined in section 37E of chapter 266.Said officer shall also provide any victim, as defined in section 37E of chapter 266, a copy of said report and may be redacted by the investigating police officer.
Section 3.Chapter 93 of The Massachusetts General Laws, as appearing in the 2006 Official Edition, is hereby amended by inserting after section 55 the following section:-
Section 55A. (a) No person or entity, including a state or local agency may not do any of the following:
(1)intentionally communicate or otherwise make available to the general public an individual’s Social Security number;
(2) print an individual’s Social Security number on any card required for the individual to access products or services provided by the person or data collector;
(3) require an individual to transmit his or her Social Security number over the Internet, unless the connection is secure or the Social Security number is encrypted;
(4) require an individual to use his or her Social Security number to access an Internet Web site, unless a password or unique personal identification number or other authentication device is also required to access the Internet Web site;
(5) print an individual’s Social Security number on any materials that are mailed to the individual, unless required by law;
(6) sell, lease, loan, trade, rent, or otherwise disclose an individual’s Social Security number to a third party for any purpose without written consent to the disclosure from the individual.
Nothing in this section shall apply to medical information or documents that are recorded or required to be open to the public pursuant to section 7 of chapter 4.
(b) Violations of any provision of this section shall constitute and unfair and deceptive trade practice pursuant to the provisions of chapter ninety-three A.