Jacko Law Group, PC
Call Today for a Consultation
San Diego 619-298-2880 San Francisco 415-766-3599 Los Angeles 213-631-2549

States Weigh In on Identity Theft Protections

In April 2013, the SEC and the CFTC jointly issued their final rules and guidelines for entities regulated by each of the respective agencies under Regulation S-ID - Identity Theft Red Flags Rules (the "Rule" or "Regulation S-ID").  The new regulation became effective on May 20, 2013 and requires all affected firms to have policies and procedures in place by November 20, 2013.  Regulation S-ID requires that all "financial institutions" (as that term is defined in the Rule) develop policies and procedures to prevent, identify and mitigate identify theft. Now individual states also are creating rules and regulations that may help supplement those policies and procedures required of Regulation S-ID.  For example, in the State of California, Cal. Civ. Code 1798.82 (California's data breach notification law) describes what the state deems to be personally identifiable information which currently includes information such as a person's first name or first initial and last name in combination with any of the following: Social Security number, Driver's license number, etc.  Governor Jerry Brown recently signed into law an amendment (taking effect January 1, 2014) that amends the current code and requires that "user names and email addresses must be combined with a password or security question and answer to permit access to an online account."  In addition, should there be a breach of this type of information, the firm must provide notice to the affected person, directing him or her to change his or her password and security question or answer, as applicable, and to take other appropriate steps to protect the online account in question and all other accounts for which that person uses the same credentials. Furthermore, if the firm has more than 500 clients located in the state of California and a breach occurs, not only is the firm required to notify individual clients as described above, but it must also submit an online form to the State of California describing the breach and steps taken in response to the breach.  A sample of this form can be found here. For further information on this, or other related topics, please contact us at [email protected] or (619)298-2880.

No Comments

Leave a comment
Comment Information
Email Us For A Response

How Can We Help?

Email us to request more information or to schedule an appointment.

Bold labels are required.

Contact Information

The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form.


Privacy Policy

San Diego Office
1350 Columbia Street
Suite 300
San Diego, CA 92101

Toll Free: 866-497-2298
Phone: 213-631-2549
Phone: 619-298-2880
Fax: 619-298-2882
Map & Directions

San Francisco Office
Four Embarcadero Center
Suite 1400
San Francisco, CA 94111

Phone: 213-631-2549
Phone: 415-766-3599
Fax: 619-298-2882
Map & Directions

Los Angeles Office
535 N. Brand Boulevard
Suite 270
Glendale, CA 91203

Phone: 213-631-2549
Fax: 619-298-2882
Map & Directions