Nevada State Victim Resources:
Agencies that offer assistance to IDT victims:
Nevada Legal Services, Inc.
Security Freeze Law:
Any consumer in Nevada may place a security freeze on his or her credit report by requesting one from the credit reporting agency. A security freeze prevents your file from being shared with potential creditors, blocking new accounts from being opened. The credit bureaus are permitted to charge up to $10 to place or temporarily lift the freeze, but they may not charge identity theft victims who have filed a police report or people 65 years of age or older.
To obtain a security freeze, a consumer must send a certified letter to the bureaus. The freeze goes into effect five business days from receipt of the consumer's letter. The bureau will provide the consumer with a unique personal identification number password to be to authorize the temporary release of the consumer report or to remove the freeze.
How to Apply for a Security Freeze:
Mandatory Police Report Law for Identity Theft Victims:
No State law at this time.
Identity Theft Passport Law:
Identity Theft Passport: Nevada allows victims of identity theft to apply for and receive an Identity Theft Passport that can be presented to police and financial entities to show that others have used their names for criminal purposes. Victims of identity theft must first report the crime to law enforcement officials. Once a law enforcement agency has verified that a crime has been committed and processes a report, it will provide the victim with identity theft materials and a passport application. The victim must fill out the application, and the law enforcement agency will mail or deliver the application, a photo of the victim and the police report to the attorney general's office. The attorney general's office will verify the information and issue a passport card to the victim with a photograph and identifying number. The process will take four to six weeks to complete. In addition to a photo, the passport will have the victim's address and thumbprint for law enforcement identification.
Identity Theft Laws:
It is unlawful for any person who knowingly obtains any personally identifying information of another person and with the intent to commit an unlawful act, uses that information to:
- Harm that person;
- Represent or impersonate that other person to obtain access to any personal identifying information of that other person without the prior express consent of that other person;
- Obtain access to any nonpublic record of the actions taken, communications made or received by, or other activities or transactions of that other person without the prior express consent of that other person; or
- For any other unlawful purpose, including, without limitation, to obtain credit, a good, a service or anything of value in the name of that other person.
"Personal identifying information" means any information designed, commonly used or capable of being used, alone or in conjunction with any other information, to identify a living or deceased person; or to identify the actions taken, communications made or received by, or other activities or transactions of a living or deceased person, including, without limitation:
- The current or former name, driver's license number, identification card number, social security number, checking account number, savings account number, credit card number, debit card number, financial services account number, date of birth, place of employment and maiden name of the mother of a person.
- The unique biometric data of a person, including, without limitation, the fingerprints, facial scan identifiers, voiceprint, retina image and iris image of a person.
- The electronic signature, unique electronic identification number, address or routing code, telecommunication identifying information or access device of a person.
- The personal identification number (PIN) or password of a person.
- The alien registration number, government passport number, employer identification number, taxpayer identification number, Medicaid account number, food stamp account number, medical identification number or health insurance identification number of a person.
- The number of any professional, occupational, recreational or governmental license, certificate, permit or membership of a person.
- The number, code or other identifying information of a person who receives medical treatment as part of a confidential clinical trial or study, who participates in a confidential clinical trial or study involving the use of prescription drugs or who participates in any other confidential medical, psychological or behavioral experiment, study or trial.
- The utility account number of a person.
Violations are a category B felony, punishable by one to twenty years in prison and a fine of up to $100,000. The penalty includes a mandatory minimum sentence of three years if:
- The information belongs to a person over 60 or a vulnerable person, defined as a person who suffers from a condition of physical or mental incapacitation because of a developmental disability, organic brain damage, or mental illness; or has one or more physical or mental limitations that restrict the ability of the person to perform normal activities of daily living;
- The offender obtained and used the personal identifying information of five or more persons;
- The offender caused another person to suffer a financial loss or injury of $3000 or more as a result of the violation; or
- The offense was committed to avoid or delay being prosecuted for a category A or B felony.
If the person uses the information to avoid or delay being prosecuted for an unlawful act, with the exception of a category A or B felony, it is a category C felony, punishable by one to five years in prison and a fine of up to $10,000.
Public officers or employees who knowingly obtain any personal identifying information of another person from any document, file, database, source or process used by a public body to collect, store, maintain, transfer, reproduce, manage or administer personal identifying information; and use the personal identifying information to harm that other person or for any unlawful purpose, including, without limitation, to obtain credit, a good, a service or anything of value in the name of that person, are guilty of a category B felony, punishable by a minimum of five years in prison and a fine of up to $100,000. The minimum penalty increases to seven years if the victim is an elderly or vulnerable person; the offender obtained and used the personal identifying information of five or more persons; or the offender caused the other person to suffer a financial loss or injury of $3000 or more.
If the public officer or employee sells or transfers the personal identifying information for the purpose of establishing a false status, occupation, membership, license, or identity for himself or any other person is guilty of a category C felony. There is a mandatory one-year prison sentence if the victim is an elderly or vulnerable person, the offender obtained and used the personal identifying information of five or more persons; or the offender caused the other person to suffer a financial loss or injury of $3000 or more. These provisions do not prohibit the possession or use of any personal identifying information by law enforcement officers engaged in undercover investigations.
It is illegal for a person to possess, sell, or transfer any document or personal identifying information for the purpose of establishing a false status, occupation, membership, license or identity for himself or any other person. Violators are guilty of a category C felony, punishable by one to five years in prison and a fine of up to $10,000. The penalties include a mandatory one-year sentence if the victim is elderly or vulnerable; the offender obtained and used the personal identifying information of five or more persons; or the offender caused the other person to suffer a financial loss or injury of $3000 or more. Simple possession of false identification is a category E felony, punishable by up to a year in prison. If a person possesses such information for the sole purpose of purchasing alcoholic beverages or cigarettes, it is a misdemeanor offense.
It is a category B felony, punishable by one to twenty years in prison and/or a fine up to $100,000, to establish or possess a financial forgery laboratory with the intent to commit any unlawful act. A "financial forgery laboratory" is defined as any computer, system, program or other electronic of mechanical device that is specifically configured for the purpose of unlawfully obtaining personal identifying information of another person to commit an unlawful act; or manufacturing any forged or fraudulent financial instrument, document or item, including checks, bonds, credit cards, bank bills, or money orders.
Identity theft crimes can be prosecuted whether or not the person whose identifying information forms part of the violation is living or deceased, and does not require the victim to suffer any financial loss or injury as a result of the violation.
Identity theft crimes can be prosecuted in any jurisdiction in the state in which the victim currently resides or where the crime occurred, regardless of whether the defendant was ever physically present in that jurisdiction.
Other Related Laws:
People convicted of identity theft crimes will be required to pay restitution to the victim, including any attorney's fees and costs incurred to repair a credit history or to repay any loans or debts incurred from the theft.
In any case in which a person is convicted of violating an identity theft statute, the court records must clearly reflect that the violation was committed by the person convicted of the violation and not by the person whose personal identifying information forms a part of the violation.
A person who has suffered injury as the proximate result of an identity theft violation may commence an action for the recovery of his actual damages, costs and reasonable attorney's fees and for any punitive damages that the facts may warrant. The suit must be brought within two years after the person who suffered the injury discovers the facts constituting the violation.
Any person who, for the purpose of procuring the issuance of a credit card or debit card, makes or causes to be made, either directly or indirectly, any false statement in writing, knowing it to be false, with intent that it be relied on respecting his identity or financial condition or the identity or financial condition of any other person, firm or corporation is guilty of a gross misdemeanor.
It is a category D felony, punishable by one to four years in prison and/or a fine up to $5000, for a person to:
- Steal, take or remove a credit card, debit card, or its number from the person, possession, custody or control of another without the cardholder's consent; or who, with knowledge that a credit card or debit card has been so taken, removed or stolen receives the credit card or debit card with the intent to circulate, use or sell it or to transfer it to a person other than the issuer or the cardholder.
- Possess a credit card, debit card, or its number without the consent of the cardholder and with the intent to circulate, use, sell or transfer it with the intent to defraud. A person who has in his possession or under his control two or more credit cards or debit cards issued in the name of another person is presumed to have obtained and to possess the credit cards or debit cards with the knowledge that they have been stolen and with the intent to circulate, use, sell or transfer them with the intent to defraud.
- If not the issuer, to sell a credit card or debit card or the number or other identifying description of a credit card, debit card or credit account; or to buy a credit card, debit card or the number or other identifying description of a credit card, debit card or credit account from a person other than the issuer.
- If not the cardholder or a person authorized by the cardholder, to sign a credit card, debit card, sales slip, sales draft, or instrument for the payment of money that evidences a credit or debit card transaction with the intent to defraud.
- Use a credit card or debit card to obtain money, goods, property, services or anything of value where the credit card or debit card was obtained unlawfully, or where the person knows the credit card or debit card is forged or is the expired or revoked credit card or debit card of another; use the number or other identifying description of a credit account, customarily evidenced by a credit card or the number or other identifying description of a debit card, to obtain money, goods, property, services or anything of value without the consent of the cardholder; or obtains money, goods, property, services or anything else of value by representing, without the consent of the cardholder, that he is the authorized holder of a specified card or that he is the holder of a card where the card has not in fact been issued.
- Receive money, property, goods, services or anything of value obtained through the unlawful use of a credit or debit card, knowing or believing that the money, property, goods, services or other things of value were so obtained.
Change of Address
State law requires a credit card issuer that mails an offer or solicitation to receive a credit card and, in response, receives a completed application that lists an address that is substantially different from the address on the offer to verify that the person accepting the offer is the same person to whom the offer was made before sending the person the credit card.
It is a category B felony, punishable by one to twenty years in prison and/or a fine of up to $100,000, to use a scanning device or re-encoder to access, read, obtain, store, or transfer information encoded on the magnetic strip or stripe of a payment card with the intent to defraud the authorized user or the issuer of the card. It is a category C felony to possess a scanning device or re-encoder with the intent to use the device for an unlawful purpose.
Destruction of Records
State law requires businesses that maintain records that contain personal information concerning the customers of the business to take reasonable measures to ensure the destruction of those records when the business decides that it will no longer maintain the records. This means any method that modifies the records containing the personal information in such a way as to render the personal information contained in the records unreadable or undecipherable, including shredding the documents or erasing the personal information from the records.
State law requires data collectors that own or license computerized data that includes personal information to disclose any breach of the security of the system data to any resident whose unencrypted personal information was, or is reasonably believed to have been, acquired by an authorized person. "Data collector" means any governmental agency, institution of higher education, corporation, financial institution or retail operator or any other type of business entity or association that, for any purpose, whether by automated collection or otherwise, handles, collects, disseminates or otherwise deals with nonpublic personal information. A security breach occurs upon "unauthorized acquisition of computerized data that materially compromises the security, confidentiality, or integrity of personal information maintained by the data collector."
Personal information is defined as an natural person's first name or first initial and last name in combination with any one or more of the following data elements, when the name and data elements are not encrypted: Social Security number; driver's license number or identification card number; or an account number, or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an person's financial account. It does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.
Notice must be made without unreasonable delay, consistent with the needs of law enforcement and with any measures necessary to determine the scope of the breach and to restore the reasonable integrity of the data system. Notification can be provided by mail or e-mail. If the cost of providing regular notice would exceed $250,000, the amount of people to be notified exceeds 500,000, or the data collector does not have sufficient contact information to provide written or electronic notice, substitute notice may be provided. When substitute notice is used, it must consist of all of the following, as applicable: e-mail notice, conspicuous posting on the data collector's web site, and notification to major statewide media.