Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 114th Congress · H.R. 2205 (Introduced in House) — To protect financial information relating to consumers, to require notice of security breaches, and for other purposes. · Sec. 3

Sec. 3. Definitions

567 words·~3 min read·/bill/114/hr/2205/ih/section-3

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

For purposes of this Act, the following definitions shall apply: The term affiliate means any company that controls, is controlled by, or is under common control with another company. The term agency has the same meaning as in section 551(1) of title 5, United States Code. The term breach of data security means the unauthorized acquisition of sensitive financial account information or sensitive personal information. The term breach of data security does not include the unauthorized acquisition of sensitive financial account information or sensitive personal information that is encrypted, redacted, or otherwise protected by another method that renders the information unreadable and unusable if the encryption, redaction, or protection process or key is not also acquired without authorization.
The term carrier means any entity that— provides electronic data transmission, routing, intermediate, and transient storage, or connections to its system or network; does not select or modify the content of the electronic data; is not the sender or the intended recipient of the data; and does not differentiate sensitive financial account information or sensitive personal information from other information that the entity transmits, routes, stores in intermediate or transient storage, or for which such entity provides connections.
The term Commission means the Federal Trade Commission. The term consumer means an individual. The term consumer reporting agency that compiles and maintains files on consumers on a nationwide basis has the same meaning as in section 603(p) of the Fair Credit Reporting Act ( 15 U.S.C. 1681a(p) ). The term covered entity means any individual, partnership, corporation, trust, estate, cooperative, association, or entity that accesses, maintains, communicates, or handles sensitive financial account information or sensitive personal information.
The term covered entity does not include any agency or any other unit of Federal, State, or local government or any subdivision of the unit. The term financial institution has the same meaning as in section 509(3) of the Gramm-Leach-Bliley Act ( 15 U.S.C. 6809(3) ). The term information security program means the administrative, technical, or physical safeguards that a covered entity uses to access, collect, distribute, process, protect, store, use, transmit, dispose of, or otherwise handle sensitive financial account information and sensitive personal information.
The term sensitive financial account information means a financial account number relating to a consumer, including a credit card number or debit card number, in combination with any security code, access code, password, or other personal identification information required to access the financial account. The term sensitive personal information includes— a Social Security number; and the first and last name of a consumer in combination with— the consumer’s driver’s license number, passport number, military identification number, or other similar number issued on a government document used to verify identity; information that could be used to access a consumer’s account, such as a user name and password or e-mail and password; or biometric data of the consumer used to gain access to financial accounts of the consumer.
The term sensitive personal information does not include publicly available information that is lawfully made available to the general public and obtained from— Federal, State, or local government records; or widely distributed media. The term substantial harm or inconvenience means— identity theft; or fraudulent transactions on financial accounts. The term third-party service provider means any person that maintains, processes, or otherwise is permitted access to sensitive financial account information or sensitive personal information in connection with providing services to a covered entity.
Connectionstraces to 2
Citation graph
cites case law
Sec. 3
Definitions
U.S.C.§ 1681a
U.S.C.§ 6809
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.