President Bush signed into law yesterday a measure intended to curb identity theft by adding two years to prison sentences for people convicted in federal courts of using stolen credit card numbers and other personal information to commit crimes.

Violators who use such information to commit "terrorist offenses" would get five extra years.

"Like other forms of stealing, identity theft leaves the victim poorer and feeling terribly violated," Bush said at a White House ceremony. "The criminal can quickly damage a person's lifelong effort to build a good credit rating."

Rep. John Carter (R-Texas), the bill's sponsor, said: "It's a crime that we need to address and address seriously both for the protection of the credit of American citizens and for the protection of homeland security."

Identity theft topped the list of consumer fraud complaints to the Federal Trade Commission in 2003, accounting for more than half the complaints tracked by the agency. The FTC recorded 214,905 cases of identity theft in 2003, up from 161,836 in 2002.

The law will make it more likely that thieves are prosecuted, said Betsy Broder, assistant director of the Federal Trade Commission's Division of Planning and Information. "A prosecutor is less likely to bring a case if they're not going to get any serious jail time when they get a conviction," she said.

The new law could help uncover large criminal enterprises because identity thieves often work in groups, said James H. Vaules, vice president and fraud expert at LexisNexis, the Dayton, Ohio, archiving company.

If prosecutors "have a tool that changes the sentencing guidelines from probation to a prison sentence, it could have significant results in people cooperating with the government and exposing larger parts of the criminal network," Vaules said.

David McGuire is a staff writer for washingtonpost.com.