Rechtsvorschriften

THE NSW government plans to create three new identity offences - trafficking in identity data, possession with intent to commit a crime, and possession of equipment for the purpose of identity theft - in an overhaul of the state's Crimes Act.

The new laws will apply to offences committed offline and online.

Starting Nov. 2, 2009, Ohio regulators and all insurance companies that do business in the state will begin new procedures designed to protect policyholders' personal information.

Insurance companies will be required to report any loss of policyholder information within their possession to the Department of Insurance within 15 days of the discovery that the information has been lost or stolen, according to Insurance Director Mary Jo Hudson.

The state of Indiana will soon require much more documentation to obtain a driver’s license or a state identification. The state says the measures are aimed at preventing identity theft, which victimizes millions of Americans each year. However, some are still fighting the new rules. They fear it will hamper a person’s ability to cast a ballot.

If you want to renew your driver’s license in Indiana today, all you basically have to do is show your current license and you’re in.

LANSING -- Identity theft victims will be able to seek compensation for the time and effort it takes to clean up their damaged credit history if legislation proposed by a S.W. Michigan lawmaker becomes law.

Representative Matt Lori (R-Constantine) says that the bill updates Michigan law by better defining what constitutes identity theft, and increasing the penalties. It also makes victims of identity theft eligible for restitution from the Michigan Crime Victim Compensation Fund.

On July 3, 2009, the German Federal Parliament passed comprehensive amend¬ments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including marketing, security breach notification, service provider contracts and protections for employee data. They also include new powers for data protection authorities and provide for increased fines for violations of data protection law provisions.

On May 30, 2009, Nevada enacted a new law, SB 227, which will basically replace NRS 597.970 in January 2010.

In many ways the new law is an improvement over the much more vague, and brief, NRS 597.970. I want to focus here on an improvement, but something that still leaves much to interpretation; that is, what is meant by "encryption"?

According to NRS 205.4742,

On July 1, 2009, new laws will take effect in Alaska and South Carolina that will require entities that have experienced data security breaches involving personal information to notify affected individuals of the breaches. With these additions, a total of 44 states, plus the District of Columbia, Puerto Rico and the U.S. Virgin Islands, will have active breach notification laws in place. There are no breach notification laws in Alabama, Kentucky, Mississippi, Missouri, New Mexico and South Dakota.

European data breach notification laws applying to all online information service providers could be in force by 2011, according to the European data protection supervisor Peter Hustinx.

Federal Service for Supervision of Mass Media, Communications and Protection of Cultural Heritage (Rossvyazokrankultury) on March 28, 2008 issued an order according to which a special register of owners and operators of different databases will be introduced.

Rossiiskaya Gazeta reports that the register will include all operators which process personal data. The Rossvyazokrankultury register will be available to all consumers without limitation. Citizens will be able to learn for what reasons some or other organizations collect data on a consumer and how they will use it.