Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 115th Congress · H.R. 3806 (Introduced in House) — To establish a national data breach notification standard, and for other purposes. · Sec. 13

Sec. 13. Definitions

607 words·~3 min read·/bill/115/hr/3806/ih/section-13

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

In this Act: The term breach notification entity means the Federal Government entity designated pursuant to section 2(e). The term business entity means any organization, corporation, trust, partnership, sole proprietorship, unincorporated association, or venture, whether or not established to make a profit. The term Commission means the Federal Trade Commission. The term consumer financial product or service has the meaning given that term in section 1002 of the Dodd-Frank Wall Street Reform and Consumer Protection Act ( 12 U.S.C. 5481 ).
The term data system communication information means dialing, routing, addressing, or signaling information that identifies the origin, direction, destination, processing, transmission, or termination of each communication initiated, attempted, or received. The term date and time includes the date, time, and specification of the time zone offset from Coordinated Universal Time. The term Federal agency has the meaning given the term agency in section 3502 of title 44, United States Code.
The term intelligence community has the meaning given that term in section 3(4) of the National Security Act of 1947 ( 50 U.S.C. 3003(4) ). The term Internet address means an Internet Protocol address as specified by the Internet Protocol version 4 or 6 protocol, or any successor protocol or any unique number for a specific host on the Internet. The term security breach means a compromise of the security, confidentiality, or integrity of, or the loss of, computerized data that results in, or there is a reasonable basis to conclude has resulted in— the unauthorized acquisition of sensitive personally identifiable information; or access to sensitive personally identifiable information that is for an unauthorized purpose, or in excess of authorization.
The term security breach does not include any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an element of the intelligence community. The term sensitive personally identifiable information means any information or compilation of information, in electronic or digital form that includes one or more of the following: An individual’s first and last name or first initial and last name in combination with any two of the following data elements:
Home address or telephone number. Mother’s maiden name. Month, day, and year of birth. A Social Security number (but not including only the last four digits of a Social Security number), driver’s license number, passport number, or alien registration number or other Government-issued unique identification number. Unique biometric data such as a finger print, voice print, a retina or iris image, or any other unique physical representation. A unique account identifier, including a financial account number or credit or debit card number, electronic identification number, user name, or routing code.
A user name or electronic mail address, in combination with a password or security question and answer that would permit access to an online account. Any combination of the following data elements: An individual’s first and last name or first initial and last name. A unique account identifier, including a financial account number or credit or debit card number, electronic identification number, user name, or routing code. Any security code, access code, or password, or source code that could be used to generate such codes or passwords.
The Commission may, by rule promulgated under section 553 of title 5, United States Code, amend the definition of sensitive personally identifiable information to the extent that such amendment will accomplish the purposes of this Act. In amending the definition, the Commission may determine— that any particular combinations of information are sensitive personally identifiable information; or that any particular piece of information, on its own, is sensitive personally identifiable information.
Connectionstraces to 2
Traces to 2 documents
Citation graph
cites case law
Sec. 13
Definitions
U.S.C.§ 5481
U.S.C.§ 3003
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.