Download Zipped Amended WordPerfect HB0165S01.ZIP
[Introduced][Status][Bill Documents][Fiscal Note][Bills Directory]
First Substitute H.B. 165
This document includes Senate 2nd Reading Floor Amendments incorporated into the bill on Wed, Mar 3, 2004 at 2:00 PM by rday. -->
1
2
3
4
5
6 LONG TITLE
7 General Description:
8 This bill enacts provisions within the Commerce and Trade Code related to a child
9 protection registry.
10 Highlighted Provisions:
11 This bill:
12 . defines terms;
13 . requires the Division of Consumer Protection to establish a registry of contact
14 points for minors;
15 . prohibits a person from sending certain materials to a registered contact point; and
16 . provides criminal, administrative, and civil penalties.
17 Monies Appropriated in this Bill:
18 None
19 Other Special Clauses:
20 This bill takes effect on July 1, 2005.
21 Utah Code Sections Affected:
22 ENACTS:
23 13-39-101, Utah Code Annotated 1953
24 13-39-102, Utah Code Annotated 1953
25 13-39-201, Utah Code Annotated 1953
26 13-39-202, Utah Code Annotated 1953
27 13-39-203, Utah Code Annotated 1953
28 13-39-301, Utah Code Annotated 1953
29 13-39-302, Utah Code Annotated 1953
30 13-39-303, Utah Code Annotated 1953
31 13-39-304, Utah Code Annotated 1953
32
33 Be it enacted by the Legislature of the state of Utah:
34 Section 1. Section 13-39-101 is enacted to read:
35
36
37 13-39-101. Title.
38 This chapter is known as the "Child Protection Registry."
39 Section 2. Section 13-39-102 is enacted to read:
40 13-39-102. Definitions.
41 As used in this chapter:
42 (1) "Contact point" means an electronic identification to which a communication may
43 be sent, including:
44 (a) an email address; or
45 (b) subject to Subsection 13-39-201 (2):
46 (i) an instant message identity, subject to rules made by the division under Subsection
47 13-39-203 (1);
48 (ii) a telephone number;
49 (iii) a facsimile number; or
50 (iv) an electronic address:
51 (A) similar to a contact point listed in this Subsection (1); and
52 (B) defined as a contact point by rule made by the division under Subsection
53 13-39-203 (1).
54 (2) "Division" means the Division of Consumer Protection in the Department of
55 Commerce.
56 (3) "Registry" means the child protection registry established in Section 13-39-201 .
57 Section 3. Section 13-39-201 is enacted to read:
58
59 13-39-201. Establishment of child protection registry.
60 (1) The division shall:
61 (a) establish and operate a child protection registry to compile and secure a list of
62 contact points the division has received pursuant to this section; or
63 (b) contract with a third party to establish and secure the registry described in
64 Subsection (1)(a).
65 (2) (a) The division shall implement the registry described in this section with respect
66 to email addresses beginning on July 1, 2005.
67 (b) The division shall implement the registry described in this section with respect to
68 instant message identities after:
69 (i) the division has determined to the satisfaction of the division the security of the
70 registry described in this section with respect to email addresses; and
71 (ii) the division has reported to the Public Utilities and Technology Interim Committee
72 the intention of the division to implement the registry described in this section with respect to
73 instant message identities.
74 (c) The division shall implement the registry described in this section with respect to
75 telephone numbers, facsimile numbers, and electronic addresses described in Subsection
76 13-39-102 (1)(b)(iv) after:
77 (i) the division has determined to the satisfaction of the division the security of the
78 registry described in this section with respect to instant message identities; and
79 (ii) the division has reported to the Public Utilities and Technology Interim Committee
80 the intention of the division to implement the registry described in this section with respect to
81 telephone numbers, facsimile numbers, and electronic addresses described in Subsection
82 13-39-102 (1)(b)(iv).
83 (3) (a) A person may register a contact point with the division pursuant to rules
84 established by the division under Subsection 13-39-203 (1) if:
85 (i) the contact point belongs to a minor; or
86 (ii) a minor has access to the contact point.
87 (b) A school or other institution that primarily serves minors may register its domain
88 name with the division pursuant to rules made by the division under Subsection 13-39-203 (1).
89 (c) The division shall provide a disclosure to a person who registers a contact point
90 under this section that reads: " S NO SOLUTION IS COMPLETELY SECURE. THE MOST EFFECTIVE
90a WAY TO PROTECT CHILDREN ON THE INTERNET IS TO SUPERVISE USE AND REVIEW ALL EMAIL
90b MESSAGES AND OTHER CORRESPONDENCE. s Under law, theft of a contact point from the Child
90c Protection
91 Registry is a Class B Felony. While every attempt will be made to secure the Child Protection
92 Registry, registrants and their guardians should be aware that their contact points may S BE AT A
92a GREATER s risk S OF s
93 being misappropriated by marketers who choose to disobey the law."
94 (4) A person desiring to send a communication described in Subsection 13-39-202 (1)
95 to a contact point or domain shall:
96 (a) use a mechanism established by rule made by the division under Subsection
97 13-39-203 (2); and
98 (b) pay a fee for use of the mechanism described in Subsection (4)(a) determined by
99 the division in accordance with Section 63-38-3.2 .
100 Section 4. Section 13-39-202 is enacted to read:
101 13-39-202. Prohibition of sending certain materials to a registered contact point.
102 (1) A person may not send, cause to be sent, or conspire with a third party to send a
103 communication to a contact point or domain that has been registered for more than 30 calendar
104 days with the division under Section 13-39-201 if the communication:
105 (a) advertises a product or service that a minor is prohibited by law from purchasing; or
106 (b) contains or advertises material that is harmful to minors, as defined in Section
107 76-10-1201 .
108 (2) The consent of a minor is not a defense to a violation of this section.
109 (3) An Internet service provider does not violate this section for solely transmitting a
110 message across the network of the Internet service provider.
111 Section 5. Section 13-39-203 is enacted to read:
112 13-39-203. Rulemaking authority.
113 In accordance with Title 63, Chapter 46a, Utah Administrative Rulemaking Act, the
114 division shall make rules to establish procedures under which:
115 (1) (a) a person may register a contact point with the division under Section 13-39-201 ,
116 including:
117 (i) the information necessary to register an instant message identity; and
118 (ii) for purposes of Subsection 13-39-102 (1)(b)(iv), an electronic address that is similar
119 to a contact point listed in Subsection 13-39-102 (1); and
120 (b) a school or other institution that primarily serves minors may register its domain
121 name with the division under Section 13-39-201 ; and
122 (2) the division shall:
123 (a) provide a mechanism under which a person described in Subsection 13-39-201 (4)
124 may verify compliance with the registry to remove registered contact points from the person's
125 communications; and
126 (b) establish the mechanism described in Subsection (2)(a) in a manner that protects
127 the privacy and security of a contact point registered with the division under Section
128 13-39-201 .
129 Section 6. Section 13-39-301 is enacted to read:
130
131 13-39-301. Criminal penalty.
132 (1) A person who violates Section 13-39-202 commits a computer crime and:
133 (a) is guilty of a class B misdemeanor for a first offense with respect to a contact point
134 registered with the division under Subsection 13-39-201 (3)(a); and
135 (b) is guilty of a class A misdemeanor:
136 (i) for each subsequent violation with respect to a contact point registered with the
137 division under Subsection 13-39-201 (3)(a); or
138 (ii) for each violation with respect to a domain name registered with the division under
139 Subsection 13-39-201 (3)(b).
140 (2) A person commits a computer crime and is guilty of a second degree felony if the
141 person:
142 (a) uses information obtained from the division under this chapter to violate Section
143 13-39-202 ;
144 (b) improperly:
145 (i) obtains contact points from the registry; or
146 (ii) attempts to obtain contact points from the registry; or
147 (c) uses, or transfers to a third party to use, information from the registry to send a
148 solicitation.
149 (3) A criminal conviction or penalty under this section does not relieve a person from
150 civil liability in an action under Section 13-39-302 .
151 (4) Each communication sent in violation of Section 13-39-202 is a separate offense
152 under this section.
153 Section 7. Section 13-39-302 is enacted to read:
154 13-39-302. Civil action for violation.
155 (1) For a violation of Section 13-39-202 , an action may be brought by:
156 (a) a user of a contact point or domain name registered with the division under Section
157 13-39-201 ; or
158 (b) a legal guardian of a user described in Subsection (1)(a).
159 (2) In each action under Subsection (1):
160 (a) a person described in Subsection (1) may recover the greater of:
161 (i) actual damages; or
162 (ii) $1,000 for each communication sent in violation of Section 13-39-202 ; and
163 (b) the prevailing party shall be awarded costs and reasonable attorney fees.
164 Section 8. Section 13-39-303 is enacted to read:
165 13-39-303. Administrative enforcement.
166 (1) The division shall:
167 (a) investigate violations of this chapter; and
168 (b) assess cease and desist orders and administrative fines under this section for
169 violations of this chapter.
170 (2) A person who violates this chapter is subject to:
171 (a) a cease and desist order; and
172 (b) an administrative fine of not more than $2,500 for each separate communication
173 sent in violation of Section 13-39-202 .
174 (3) (a) A person who intentionally violates this chapter is subject to an administrative
175 fine of not more than $5,000 for each communication intentionally sent in violation of Section
176 13-39-202 .
177 (b) For purposes of this section, a person intentionally violates this chapter if the
178 violation occurs after the division, attorney general, or a district or county attorney notifies the
179 person by certified mail that the person is in violation of this chapter.
180 (4) All administrative fines collected under this section shall be deposited in the
181 Consumer Protection Education and Training Fund created in Section 13-2-8 .
182 Section 9. Section 13-39-304 is enacted to read:
183 13-39-304. Defenses.
184 It is a defense to an action brought under this chapter that a person:
185 (1) reasonably relied on the mechanism established by the division under Subsection
186 13-39-203 (2); and
187 (2) took reasonable measures to comply with this chapter.
188 Section 10. Effective date.
189 This bill takes effect on July 1, 2005.
Legislative Review Note
as of 3-2-04 10:35 AM
This bill regulates, among other things, the sending of certain commercial email messages to
addresses contained on a registry. Congress recently passed the CAN-SPAM Act of 2003 that,
with some exemptions, preempts a state from regulating commercial email. The act permits
state regulations of commercial email that:
. prohibit falsity or deception;
. are not specific to email; or
. relate to acts of fraud or computer crime.
If this bill were challenged, a court would evaluate whether this bill falls into one of those
exemptions.