Report Title:

Electronic Commerce-Based Crimes; Task Force; Established

Description:

Establishes a Hawaii anti-phishing task force to review other jurisdictions' activities on curtailing electronic commerce criminal activities. Requires the task force to submit a report and make recommendations to the 2006 regular session. (SD1)

THE SENATE

S.B. NO.

1170

TWENTY-THIRD LEGISLATURE, 2005

S.D. 1

STATE OF HAWAII

 


 

A BILL FOR AN ACT

 

RELATING TO ELECTRONIC COMMERCE.

 

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF HAWAII:

SECTION 1. The legislature finds that electronic commerce criminal activity is growing at an alarming rate. According to Gartner, a market-research firm in Stamford, Connecticut, banks and credit card issuers lost an estimated $1,200,000,000 to "phishing" scams last year.

According to the Federal Trade Commission, the federal agency that tracks electronic commerce-based crime, in phishing scams, internet scammers try to get information, such as credit card numbers, passwords, account information, or other personal information, by convincing internet users to divulge the information under false pretenses.

The "phishers" send millions of bogus electronic mails that appear to come from popular websites or from sites internet users trust, like a bank or credit card company.

The electronic mails and website links that phishers send often look official enough to trick people into believing that the sites are legitimate. To make the electronic mails look more real, scam artists might put a link in the fake electronic mail that appears to go to a legitimate website, but actually takes an unsuspecting internet user to a scam site or pop-up window that looks exactly like the official site.

According to the chairperson of the Hawaii Financial Security Association, although an electronic commerce-based crime such as phishing is a major concern for financial institutions, it is a crime that impacts all industries.

By sending phony electronic mails to thousands of electronic mailboxes, cyber crooks hope to lure victims to a fraudulent (or spoofed) website where the internet user would be tricked into divulging personal information, such as passwords and account numbers. According to Kiplinger's Magazine, an Anti-Phishing Working Group, whose members include banks, internet service providers, and technology vendors, recorded 1,142 phishing sites in October, 2004, and says that spoofed sites are multiplying at a rate of twenty-five per cent per month. The working group estimates that up to five per cent of recipients respond to phishing electronic mails, leaving them vulnerable to credit-card fraud and identity theft.

The purpose of this Act is to convene a Hawaii anti-phishing task force to develop state policy on how best to prevent further occurrences of phishing and other forms of electronic commerce-based crimes in the State.

SECTION 2. (a) There is established within the department of the attorney general a Hawaii anti-phishing task force to examine options to prevent electronic commerce-based crimes in the State.

(b) The Hawaii anti-phishing task force shall include members as follows:

(1) The attorney general or the attorney general's designee;

(2) The director of the office of consumer protection;

(3) The United States Attorney for the State of Hawaii or the United States Attorney's designee;

(4) Two members of the Hawaii state senate appointed by the president of the senate;

(5) Two members of the Hawaii state house of representatives appointed by the speaker of the house of representatives; and

(6) Two members representing the financial services industry, one appointed by president of the senate and one appointed by the speaker of the house of representatives.

(c) The task force shall:

(1) Examine the policies, procedures, and operations of state agencies charged with the responsibility of developing policies to prevent electronic commerce-based crimes, monitoring electronic commerce-based criminal activity, and enforcing electronic commerce-based criminal sanctions;

(2) Review other jurisdictions' activities, policies, directives, and laws related to preventing electronic commerce-based crimes and derive best practices models therefrom;

(3) Explore any other options available to the task force to deter electronic commerce-based crimes from occurring in the State;

(4) Establish findings and develop recommendations on how the State may best deter electronic commerce-based crimes from occurring in the State; and

(5) Propose legislation, as necessary, for the legislature to review during the 2006 regular session.

(d) The task force shall submit its findings and recommendations, including any proposed legislation, not later than twenty days prior to the convening of the 2006 regular session.

(e) The department of the attorney general shall provide support services necessary to assist the task force in achieving its purpose as required under this Act.

(f) The task force shall cease to exist on June 30, 2006.

SECTION 3. This Act shall take effect upon its approval.