Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 119th Congress · H.R. 8413 (Introduced in House) — To establish a national framework for consumer privacy rights and the protection of personal data, and for other purp... · Sec. 13

Sec. 13. Applicability

964 words·~4 min read·/bill/119/hr/8413/ih/section-13·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

This Act shall apply to any person that is subject to the Federal Trade Commission Act ( 15 U.S.C. 41 et seq. ) or is a common carrier subject to title II of the Communications Act of 1934 ( 47 U.S.C. 201 et seq. ) and— with respect to the business of the person— conducts business in the United States or offers for use or sale to a resident of the United States a product or service; or processes or engages in the sale of personal data of a resident of the United States; and with respect to personal data and annual gross revenue in the course of such business— collects and processes personal data of more than 200,000 consumers annually (excluding personal data controlled or processed solely for the purpose of completing a payment transaction) and has an annual gross revenue of $25,000,000 or more (as adjusted on January 1 each year by the percentage increase (if any), during the preceding 12-month period, in the Consumer Price Index for All Urban Consumers published by the Bureau of Labor Statistics); or collects and processes personal data of 100,000 or more consumers annually (excluding personal data controlled or processed solely for the purpose of completing a payment transaction) and derives 25 percent or more of the annual gross revenue of the person from the sale of such personal data.
This Act does not apply to the following: A Federal, State, or local governmental entity. An entity that collects, processes, retains, or transfers personal data on behalf of such Federal or State governmental entity, to the extent that such entity is acting as a processor to the governmental entity. A financial institution subject to title V of the Gramm-Leach-Bliley Act ( 15 U.S.C. 6801 et seq. ). A covered entity or business associate subject to parts 160 and 164 of title 45, Code of Federal Regulations.
A nonprofit organization. A nonprofit organization with the primary mission of preventing, investigating, or deterring fraud, training anti-fraud professionals, or educating the public about fraud, including insurance fraud, securities fraud, and financial fraud. An institution of higher education. The National Center for Missing and Exploited Children. An entity created by a Federal or State statute to pay for claims arising from the liquidation of an insurance company. A futures association registered pursuant to section 17 of the Commodity Exchange Act ( 7 U.S.C. 21 ).
A national securities association registered pursuant to section 15A of the Securities Exchange Act of 1934 ( 15 U.S.C. 78o–3 ). Data processed or maintained— by an individual applying to, employed by, or acting as an agent or independent contractor of a controller or processor for such application, employment, or action; for inclusion in the emergency contact information relating an individual; or that is necessary for the administration of benefits for an individual. The following information:
Health information protected under and collected or used for public health activities and purposes in accordance with HIPAA. Health records. Records relating to the identity, diagnosis, prognosis, or treatment of a patient under section 543 of the Public Health Service Act ( 42 U.S.C. 290dd–2 ). Data, information, or identifiable private information (as such term is defined in section 46.102 of title 45, Code of Federal Regulations) obtained pursuant to any of the following: Part 46 of title 45, Code of Federal Regulations.
The Guideline for Good Clinical Practice E6(R3) issued by The International Council for Harmonisation of Technical Requirements for Pharmaceuticals for Human Use. Part 50 or part 56 of title 21, Code of Federal Regulations. Information reported pursuant to the Health Care Quality Improvement Act of 1986 ( 42 U.S.C. 11101 et seq. ). Identifiable patient safety work product and nonidentifiable patient safety work product (as such terms are defined in section 921 of the Public Health Service Act ( 42 U.S.C. 299b–21 )) protected under Part C of title IX of the Public Health Service Act ( 42 U.S.C. 299b–21 et seq. ).
Information derived from any of the health care related information listed in this paragraph that is de-identified in accordance with section 164.514(e) of title 45, Code of Federal Regulations. Information that is included in a limited data set in accordance with the standards and specifications under section 164.514(e) of title 45, Code of Federal Regulations. Personal data that— may impact the creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living of a consumer; and is collected or disclosed by a consumer reporting agency (as such term is defined in section 603(f) of the Fair Credit Reporting Act ( 15 U.S.C. 1681a(f) )) or a furnisher, to the extent that the consumer reporting agency or furnisher is engaged in activities subject to the Fair Credit Reporting Act.
Personal information (as such term is defined in section 2725 of title 18, United States Code) collected, processed, sold, or disclosed under section 2721 of title 18, United States Code. Personally identifiable information and personally identifiable data regulated in accordance with section 444 of the General Education Provisions Act (commonly known as the Family Educational Rights and Privacy Act of 1974 ) ( 20 U.S.C. 1232g ). Personal data collected, processed, sold, or disclosed as a result of an activity authorized under the Farm Credit Act of 1971 ( 12 U.S.C. 2001 et seq. ).
Nonpublic personal information (as such term is defined in section 509 of the Gramm-Leach-Bliley Act ( 15 U.S.C. 6809 )). Any information that originates from, is intermingled with, or is treated in the same manner as information described in subparagraphs
(A)through
(M)that is maintained by the following: A covered entity or business associate. A program or a qualified service organization (as such terms are defined in section 2.11 of title 42, Code of Federal Regulations).
Connectionstraces to 9
3 references not yet in our index
  • 15 USC 78o–3
  • 42 USC 290dd–2
  • 42 USC 299b–21
Citation graph
cites case law
Sec. 13
Applicability
U.S.C.§ 41
U.S.C.§ 201
U.S.C.§ 6801
U.S.C.§ 21
U.S.C.§ 11101
U.S.C.§ 1681a
U.S.C.§ 1232g
U.S.C.§ 2001
U.S.C.§ 6809
Cite15 USC 78o–3
Cite42 USC 290dd–2
Cite42 USC 299b–21
Cites 12Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.