• Views: in the last
  • 40Week
  • 22Month
  • 234Total

  • NJ A2794
  • "Personal Information and Privacy Protection Act"; restricts collection and use of personal information by retail establishments for certain purposes.
In Committee
Crossed OverPassedSignedDead/Failed/Vetoed
2016-2017 Regular Session
This bill establishes the "Personal Information and Privacy Protection Act" (PIPPA). The bill places restrictions on the way retail establishments may collect and use the personal information contained in the electronic data embedded in identification cards, such as driver's licenses. Businesses commonly engage in the practice of "scanning" the barcodes on identification cards for the purposes of verifying the authenticity of the card, verifying a consumer's age and identity, and preventing fraudulent merchandise return practices. Current identity theft law only provides that a consumer and the State Police must be notified in the case of a security breach related to a computerized record of personal information. This bill sets forth the purposes for which identification cards may be scanned by retail establishments and describes the information that may be gathered by scanning. Under the bill, a retail establishment may scan a person's identification card only for the following purposes: (1) to verify the authenticity of the card or to verify the age or identity of the person in certain circumstances; (2) to prevent fraud or other criminal activity, in the case of merchandise return or exchange, via a fraud prevention service company or system; (3) to establish or maintain a contractual relationship; (4) to record, retain, or transmit information as required by State or federal law; (5) to transmit information to a consumer reporting agency, financial institution, or debt collector to be used as permitted by federal law; or (6) to record, retain, or transmit information by a covered entity governed by medical privacy and security rules established pursuant to federal law. Information that may be collected is limited to the person's name, address, date of birth, and identification card number. The bill also specifies that any information collected, which is permitted to be retained by a retail establishment, must be securely stored and any security breach of the information must be reported to any affected person and the State Police in compliance with current law. A violation of the amended bill's provisions will result in a civil penalty of $2,500 for a first offense and $5,000 for any subsequent offense. Additionally, the bill provides that any person aggrieved by a violation may bring an action in Superior Court to recover damages
2nd Reading in the Assembly, Substituted by another Bill
Substituted by S1913 (2R)  (on 6/22/2017)
Date Chamber Action Description
6/22/2017 A Substituted by S1913 (2R)
6/8/2017 A Assembly Floor Amendment Passed (Jones)
5/11/2017 A Reported out of Assembly Comm. with Amendments, 2nd Reading
5/11/2017 Assembly Consumer Affairs Hearing (19:00 5/11/2017 The committee will take testimony from invited guests regarding )
2/8/2016 A Introduced, Referred to Assembly Consumer Affairs Committee
Date Motion Yea Nay Other
Detail 5/11/2017 Assembly Consumer Affairs Committee: Reported with Amendments 5 0 0