Title: An act relating to breaches of security that compromise personal information.

Brief Description: Specifying penalties for harm caused by breaches of security that compromise personal information.

Sponsors: Senators Kline, Weinstein and Hobbs.

Brief History:

Committee Activity: Consumer Protection & Housing: 1/26/07.

SENATE COMMITTEE ON CONSUMER PROTECTION & HOUSING

Staff: Jacob White (786-7448)

Background: When a business, person, or government agency has computerized data which includes personal information, that entity has notification requirements they must meet when there is a breach of security of that data. The penalty for not meeting those notification requirements is that any customer injured by the breach may recover damages. Damages are not specified.

Summary of Bill: An injured person is allowed to recover not only damages, but damages up to the actual amount of economic damages or $500, whichever is greater.

Appropriation: None.

Fiscal Note: Not requested.

Committee/Commission/Task Force Created: No.

Effective Date: Ninety days after adjournment of session in which bill is passed.

Staff Summary of Public Testimony: CON: There are already tools in place for the issue that this bill addresses. Awarding the actual economic damages is an adequate and proper punishment to companies who breach their duty. No other state has a law like this. This could lead to costly class action law suits.

Persons Testifying: CON: Mel Sorensen, Property Casualty Insurers; and Stu Halsan, America On-Line.