BILL REQ. #:  H-1149.1 



_____________________________________________ 

HOUSE BILL 1763
_____________________________________________
State of Washington60th Legislature2007 Regular Session

By Representatives Williams, Morris, Moeller and Simpson

Read first time 01/26/2007.   Referred to Committee on Judiciary.



     AN ACT Relating to protecting financial information and means of identification stored on portable electronic data storage devices; amending RCW 9.35.001; and adding a new section to chapter 9.35 RCW.

BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF WASHINGTON:

Sec. 1   RCW 9.35.001 and 1999 c 368 s 1 are each amended to read as follows:
     (1) The legislature finds that financial information is personal and sensitive information that if unlawfully obtained by others may do significant harm to a person's privacy, financial security, and other interests. The legislature finds that unscrupulous persons find ever more clever ways, including identity theft, to improperly obtain and use financial information. The legislature intends to penalize unscrupulous people for improperly obtaining financial information.
     (2) The legislature finds that the storage of large amounts of unencrypted financial information or means of identification on portable electronic data storage devices and the transportation of such devices away from the workplace contribute to identity crimes. The legislature intends to reduce the incidence of identity crimes by imposing civil liability in certain cases where wrongful access to financial information or means of identification from a portable electronic data storage device that has been removed from the workplace leads to an identity crime.

NEW SECTION.  Sec. 2   A new section is added to chapter 9.35 RCW to read as follows:
     (1) A person violates this section if:
     (a) The person possesses the financial information or the means of identification of one hundred or more persons for any lawful purpose connected to a business or nonprofit organization;
     (b) The person, or his or her employee, removes from the premises of the business or organization a portable electronic data storage device containing the financial information or means of identification of one hundred or more persons;
     (c) The financial information or means of identification on the portable electronic data storage device is wrongfully accessed and utilized to commit a violation of RCW 9.35.010 or 9.35.020; and
     (d) The financial information or means of identification on the portable electronic data storage device was not protected by encryption software at the time it was wrongfully accessed.
     (2) For the purposes of this section:
     (a) "Person" means any natural person, association, partnership, corporation, or organization.
     (b) "Portable electronic data storage device" means any portable electronic device capable of storing information, including, but not limited to, a laptop computer, personal data assistant, portable hard drive, or flash memory device.
     (3) The legislature finds that the practices covered by this section are matters vitally affecting the public interest for the purpose of applying the consumer protection act, chapter 19.86 RCW. A violation of this section is not reasonable in relation to the development and preservation of business and is an unfair or deceptive act in trade or commerce and an unfair method of competition for the purpose of applying the consumer protection act, chapter 19.86 RCW.

--- END ---