Download Zipped Introduced WordPerfect HB0387.ZIP
[Status][Bill Documents][Fiscal Note][Bills Directory]

H.B. 387

             1     

PROTECTING IDENTITY OF CHILDREN

             2     
2010 GENERAL SESSION

             3     
STATE OF UTAH

             4     
Chief Sponsor: Eric K. Hutchings

             5     
Senate Sponsor: ____________

             6     
             7      LONG TITLE
             8      General Description:
             9          This bill modifies a provision creating the Identity Theft Reporting Information System.
             10      Highlighted Provisions:
             11          This bill:
             12          .    modifies the purposes for an Internet website within the Office of the Attorney
             13      General to include providing information about and links to resources to protect
             14      Social Security numbers.
             15      Monies Appropriated in this Bill:
             16          None
             17      Other Special Clauses:
             18          None
             19      Utah Code Sections Affected:
             20      AMENDS:
             21          67-5-22, as last amended by Laws of Utah 2008, Chapter 161
             22     
             23      Be it enacted by the Legislature of the state of Utah:
             24          Section 1. Section 67-5-22 is amended to read:
             25           67-5-22. Identity theft reporting information system -- Internet website and
             26      database -- Access -- Maintenance and rulemaking -- Criminal provisions.
             27          (1) There is created within the Office of the Attorney General the Identity Theft


             28      Reporting Information System (IRIS) Program to establish a database and Internet website to:
             29          (a) allow persons in the state to submit reports of identity theft;
             30          (b) assist the Office of the Attorney General in notifying state and local law
             31      enforcement agencies of reports of identity theft;
             32          (c) provide assistance and resources to victims of identity theft;
             33          (d) provide a centralized location where information related to incidents of identity
             34      theft may be securely stored and accessed for the benefit of victims of identity theft; [and]
             35          (e) provide public education and information relating to identity theft[.]; and
             36          (f) provide information about and links to resources that assist an individual, including
             37      a minor through a parent or legal guardian, to protect the individual's Social Security number
             38      against an unauthorized use or disclosure.
             39          (2) (a) The Internet website shall be maintained by the Office of the Attorney General
             40      and shall be made available to the public and to victims of identity-related crimes.
             41          (b) The Internet website shall:
             42          (i) allow a victim of an identity-related crime to report the crime on the website and
             43      have the victim's report routed to the appropriate law enforcement agency for the jurisdiction in
             44      which the crime occurred; and
             45          (ii) provide public education and information relating to identity theft.
             46          (c) The Internet website may be expanded to provide other identity-related services to
             47      victims according to the procedures of Subsection (4).
             48          (3) (a) The Department of Technology Services shall administer and maintain the
             49      database established under this section in an electronic file or other format as established by the
             50      department.
             51          (b) (i) The database shall be maintained for the purpose of identifying victims of
             52      identity theft who have filed a report with the program established under this section, and may
             53      contain the personally identifiable information for each victim, which may include the
             54      following information related to an incident of identify theft:
             55          (A) the victim's name, address, email addresses, and telephone numbers;
             56          (B) the victim's Social Security number and other identifying information;
             57          (C) the victim's financial institution information, account numbers, and transaction
             58      information;


             59          (D) the victim's benefit information;
             60          (E) the victim's credit account information;
             61          (F) the victim's loan information;
             62          (G) the victim's employment information;
             63          (H) the victim's Internal Revenue Service or tax information;
             64          (I) the victim's utility service information;
             65          (J) information concerning legal matters or collections related to the incident;
             66          (K) information concerning unauthorized or illegal transactions, denied credit, stolen
             67      identification, and all other unauthorized actions related to the identity theft; and
             68          (L) any other information related to the incident of identity theft that the victim or the
             69      Office of the Attorney General elects to include in the database.
             70          (ii) The database shall record and maintain:
             71          (A) identification information for each person who requests or receives information
             72      from the database;
             73          (B) a record of the information that is requested or received by each person who
             74      requests or receives information from the database; and
             75          (C) a record of the date and time that any information is requested or provided from the
             76      database.
             77          (c) Information in the database is considered to be the property of the Office of the
             78      Attorney General, and retains any classification given it under Title 63G, Chapter 2,
             79      Government Records Access and Management Act.
             80          (4) The Department of Technology Services, with the approval of the Office of the
             81      Attorney General, may make rules to:
             82          (a) permit the following persons to have access to the database:
             83          (i) federal, state, and local law enforcement authorities, provided that the authority is
             84      acting within a specified duty of the authority's employment in enforcing laws;
             85          (ii) participating merchants and financial institutions, provided that the merchant or
             86      institution has entered into an access agreement with the Office of the Attorney General; and
             87          (iii) other persons, to be established by rule, provided that the person's access to the
             88      information is necessary and reasonable to accomplish the purposes of the program as provided
             89      in Subsection (1);


             90          (b) define and enforce limitations on access to information via the Internet website or
             91      in the database; and
             92          (c) establish standards and procedures to ensure accurate identification of individuals
             93      that are requesting or receiving information from the Internet website or the database.
             94          (5) (a) In addition to the penalties provided under Title 63G, Chapter 2, Government
             95      Records Access and Management Act, a person may not knowingly and intentionally release or
             96      disclose information from the database in violation of the limitations provided under
             97      Subsection (4)(a).
             98          (b) A violation of Subsection (5)(a) is a third degree felony.
             99          (6) (a) A person may not obtain or attempt to obtain information from the database by
             100      misrepresentation or fraud.
             101          (b) A violation of Subsection (6)(a) is a third degree felony.
             102          (7) (a) A person may not knowingly and intentionally use, release, publish, or
             103      otherwise make available to any other person or entity any information obtained from the
             104      database for any purpose other than those specified under Subsection (4)(a).
             105          (b) Each separate violation of Subsection (7)(a) is a third degree felony.




Legislative Review Note
    as of 3-9-10 3:26 PM


Office of Legislative Research and General Counsel


[Bill Documents][Bills Directory]