Concern is growing about identity theft -- where one
person assumes the identity of another by stealing personally identifiable information (PII), such as
credit card or Social Security numbers. High profile incidents disclosed in early 2005 involving
ChoicePoint, Bank of America, and LexisNexis, where the PII of more than a million Americans
may have been compromised, have refocused congressional attention on this issue. Many associate
the rise in identity theft cases with the Internet, but surveys indicate that comparatively few victims
cite the Internet as the source of their stolen PII. Still, the Internet may play a role, particularly
through a practice known as "phishing." Congress already has passed several laws to address
identity theft, and continues to debate whether additional action is needed. This report will not be
updated; for information on pending bills and current legislative action, see CRS Report RL31408.