A group of U.S. senators have introduced a bi-partisan bill aimed at stopping phishing, but some privacy advocates are worried website registrants will have to forfeit too much personal information.
The lawmakers, part of the Commerce, Science and Transportation Committee, introduced the Anti-Phishing Consumer Protection Act of 2008 in an attempt to end increasingly sophisticated phishing scams.
The legislation would prohibit phishing, as well as prohibit related abuses, such as the practice of using fraudulent or misleading domain names, by defining them as deceptive practices under Federal Trade Commission regulations.
“Online phishing is a problem that affects millions of people around the United States,” Kurt Bardella, a spokesman for Sen. Olympia Snowe, R-Maine, told SCMagazineUS.com on Thursday. Sens. Bill Nelson, D-Fla., and Ted Stevens, R-Alaska, co-sponsored the bill.
“As ecommerce becomes more popular,” Bardella said, “so have the vulnerabilities of fraud. The time has long since passed where we need safeguards in place to make sure people don't become defrauded.”
The bill states that approximately 59 million phishing emails are sent each day, and they have become more sophisticated and are even including malicious attachments.
The premise behind the bill is “to prohibit the collection of identifying information of individuals by false, fraudulent or deceptive means through the internet, [and] to provide the FTC the necessary authority to enforce such prohibition,” according to the legislation.
The Commerce Committee will hold hearings on the legislation, and members also will work with their counterparts in the U.S. House of Representatives so the bill gains support there as well.
“We're optimistic we can move this legislation forward,” Bardella said. “I think, universally, people in both parties and in both chambers would agree that the issue of phishing and deceptive practices on the internet need to be addressed.”
Solidifying the integrity of domain name registration has been a long-time goal for the FTC and is an important measure in the Senate bill. Lawmakers want to make it illegal for a domain name registrant to provide false or misleading contact information when registering a domain name.
While there are some groups who are concerned the bill will penalize people who wish to protect their privacy by remaining anonymous when registering a new website, Bardella said it is important to point out that this is much needed legislation that will enable the FTC to enforce controls over phishing.
“The intention of this bill is to be applauded,” Chris Merida, director of congressional and public affairs for the U.S. Chamber of Commerce, which represents more than three million businesses, told SCMagazineUS.com. “Phishing is a growing problem and so far, we are pretty content with the phishing provisions of this bill. We are taking a closer look at the domain name/trademark type provisions, just to make sure they have the intended, desired effect and no unintended consequences.”