Resources

Disclaimer:

No members of the BTR Team are attorneys, and we are not giving legal advice to you or your organization.  You need to seek legal council as to the applicability of these statutes on you and your enterprise.  Laws change through court interpretation and amendments that may not be represented here.  These listings are only to give you an idea of the fact that legal consequences do exist for consumer protection and employer responsibility to keep sensitive data private.

Using Consumer Reports

If you are using consumer reports complied by a business that provides such information to make an employment decision you must follow the FTC guidelines closely.  Click here to learn more.

Federal Trade Commission: “Protecting Personal Information A Guide For Business” We will email you a copy.  Just fill out the form below: NOTE: FORM IS NOT OPERATIVE RIGHT NOW, PLEASE TRY AGAIN TOMORROW or JUST GIVE US A CALL at 610-444-5295


FTC Brochure

A brief summary of applicable identity theft & data breach Legislation:  (See our disclaimer)

FEDERAL LAWS

The Fair Credit Reporting Act
The Act can be found at this site: Fair Credit Reporting Act
The Fair Credit Reporting Act establishes procedures for correcting mistakes on your credit record and requires that your record only be provided for legitimate business needs.

Fair and Accurate Credit Transactions Act
The Act can be found at this site: Fair and Accurate Credit Transactions Act
The Fair and Accurate Credit Transactions Act is actually an amendment to the Fair Credit Reporting Act and provides several new measures to protect consumers from identity theft.

The Fair Credit Billing Act
The Act can be found at this site:  Fair Credit Billing Act
The Act establishes procedures for resolving billing errors on your credit card bills and statements with regard to your credit card accounts. The Act also limits your liability for unauthorized or fraudulent credit card charges.

The Fair Debit Collection Practices Act
The Act can be found at this site: The Fair Debit Collection Practices Act
The Fair Debt Collection Practices Act prohibits debt collectors from using unfair or deceptive practices to collect overdue bills that your creditor has forwarded for collection.

Identity Theft and Assumption Deterrence Act
The Act can be found at this site: Identity Theft and Assumption Deterrence Act
The Act makes it a federal crime when someone knowingly transfers or uses, without authority, a person’s identification such as their name, social security number, credit card, cellular telephone, electronic serial number or any other piece of information that may be used to commit a crime that is a violation of federal law, or constitutes a felony under any state or local law.

Identity Theft Penalty Enhancement Act
The Act can be found at this site:  Identity Theft Penalty Enhancement Act (new link is being investigated)
The Identity Theft Penalty Enhancement Act establishes penalties for aggravated identity theft.

Data Breach Notification Laws

The National Conference of State Legislatures was founded in 1975 with the conviction that legislative service is one of democracy’s worthiest pursuits. NCSL is a bipartisan organization that serves the legislators and staffs of the nation’s 50 states, its commonwealths and territories. NCSL provides research, technical assistance and opportunities for policymakers to exchange ideas on the most pressing state issues. NCSL is an effective and respected advocate for the interests of state governments before Congress and federal agencies.

California is looked to by many states as setting the “standard.”  Click here for a copy of their notification guide.

We use Pennsylvania as an example of state laws:

For other states you may search current laws through the National Council of State Legislatures. The NCSL data breach legislation website can be accessed at:

www.ncsl.org/programs/lis/cip/priv/breach.htm

PENNSYLVANIA LAWS

Identity Theft Title 18 Pa C.S. 4120
In Pennsylvania, a person commits the offense of identity theft of another person if they possess or use, through any means, identifying information of another person without the consent of that other person to further any unlawful purpose.
Under the law, a police report taken by a local, county, or state law enforcement agency by a person stating that their identifying information had been used without their consent shall be considered evidence that the information was used or possessed without the person’s consent.

Unlawful Use of Computer – Title 18 Pa C.S. 7611

Under the law, a person commits the offense of unlawful use of computer if they intentionally or knowingly and without authorization gives or publishes a password, identifying code, personal identification number, or other confidential information about a computer, computer system and or database, world wide web (www) site, or telecommunication device.

Computer Trespass – Title 18 Pa C.S. 7615

Under the law, a person commits the offense of computer trespass if they knowingly and without authority or in excess of given authority use a computer or computer network with the intent to effect the creation and or alteration of a financial instrument or an electronic transfer of funds.

Forgery – Title 18 Pa C.S. 4101
Under the law, a person is guilty of forgery if they intentionally defraud or injure anyone by altering any writing of another without their authority or makes, completes, executes, authenticates, issues or transfers any writing so that it gives the appearance of being the act of another.

Bad Checks – Title 18 Pa C.S. 4105
Under the law, a person commits the offense of bad checks when he or she issues or passes a check or similar sight order for the payment of money, knowing that it will not be honored by the drawee.


Access Device Fraud – Title 18 C. S. 4106

Under the law, a person commits access device fraud if they use a credit card, debit card, automated teller machine card, plate, code, account number, personal identification number or other means of account access to obtain or attempt to obtain property or services; or if they publish, make, sell, give, or transfer to another the means of account access knowing it is counterfeit, altered, incomplete or belongs to another person.

Disclaimer:

No members of the BTR Team are attorneys, and we are not giving legal advice to you or your organization.  You need to seek legal council as to the applicability of these statutes on you and your enterprise.  Laws change through court interpretation and amendments that may not be represented here.  These listings are only to give you an idea of the fact that legal consequences do exist for consumer protection and employer responsibility to keep sensitive data private.