In order to help prevent the unauthorized use of information from a consumer report file to fraudulently open a new account, over thirty-five states, as well as the District of Columbia, have enacted laws allowing an individual to place a “security freeze” on his or her credit report file.[1] In general, a “security freeze” prohibits a consumer reporting agency (“CRA”) from releasing

information from a credit report file on the consumer without the express authorization of the consumer. Although the state security freeze laws are similar in many respects, some aspects of these laws are significantly different, including with respect to: who may request a security freeze; the method of requesting a security freeze; and the time permitted to a CRA to respond to a request to place a security freeze. CRAs operating in the various states, must comply with the security

freeze requirements imposed by the laws of each of those states and users of credit report information must be aware of the various restrictions placed on the sharing of information contained in credit report files. This article provides a brief overview of the security freeze laws enacted by the various states.