Michigan Governor Jennifer Granholm has signed a legislative measure [PDF] that amends the state’s 2004 Identity Theft Protection Act (the “ITPA”). The measure, which was enacted to combat phishing scams and other online fraud, amends the ITPA in several significant respects:
- The new legislation makes it unlawful to gather personally identifying information through e-mail, a website, altered computer settings, or a software program under false pretenses or by misrepresenting one’s association with a business. This conduct is proscribed regardless of whether the violator intends to commit identity theft or another crime. However, there is an exception for law enforcement officers engaged in lawful investigation.
- The enactment strengthens criminal penalties under the ITPA and creates a civil right of action with statutory damages for the Attorney General and any interactive computer service provider harmed by a violation.
- The law also exempts interactive computer service providers from liability under any Michigan law for removing or disabling access to an Internet domain name or to Internet content that the provider believes in good faith is engaged in a violation of the ITPA.