25th Legislature(2007-2008)
Bill Text 25th Legislature
Basis
Navigation
- Bills
- Committees
- Session
- Session Laws
- Tools
- Archive
-
00 HOUSE BILL NO. 65
01 "An Act relating to breaches of security involving personal information, credit report
02 and credit score security freezes, consumer credit monitoring, credit accuracy,
03 protection of social security numbers, care of records, disposal of records, identity theft,
04 furnishing consumer credit header information, credit cards, and debit cards, and to the
05 jurisdiction of the office of administrative hearings; amending Rule 60, Alaska Rules of
06 Civil Procedure; and providing for an effective date."
07 BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF ALASKA:
08 * Section 1. AS 40.21.110 is amended to read:
09 Sec. 40.21.110. Care of records. Except for public records lawfully in the
10 possession of a person other than the state, public records of existing or defunct
11 agencies of the state, territorial, and Russian governments in Alaska are the property
12 of the state and shall be created, maintained, preserved, stored, transferred, destroyed
13 or disposed of, and otherwise managed in accordance with the provisions of this
01 chapter and AS 45.48.500 - 45.48.530. Records shall be delivered by outgoing
02 officials and employees to their successors, and may not be removed, destroyed or
03 disposed of, except as provided in this chapter and AS 45.48.500 - 45.48.530.
04 * Sec. 2. AS 44.64.030(a) is amended by adding a new paragraph to read:
05 (35) AS 45.48.080(c) (breach of security involving personal
06 information).
07 * Sec. 3. AS 45 is amended by adding a new chapter to read:
08 Chapter 48. Personal Information Protection Act.
09 Article 1. Breach of Security Involving Personal Information.
10 Sec. 45.48.010. Disclosure of breach of security. (a) If a person owns or uses
11 personal information that includes personal information on a state resident, and a
12 breach of the security of the information system containing the personal information
13 occurs, the person shall, after discovering or being notified of the breach, disclose the
14 breach to each state resident whose personal information was subject to the breach.
15 (b) An information collector shall make the disclosure required by (a) of this
16 section in the most expeditious time possible and without unreasonable delay, except
17 as provided in AS 45.48.020 and as necessary to determine the scope of the breach and
18 restore the reasonable integrity of the information system.
19 Sec. 45.48.020. Allowable delay in notification. An information collector
20 may delay disclosing the breach under AS 45.48.010 if an appropriate law
21 enforcement agency determines that disclosing the breach will interfere with a
22 criminal investigation. However, the information collector shall disclose the breach to
23 the state resident in the most expeditious time possible and without unreasonable delay
24 after the law enforcement agency informs the information collector in writing that
25 disclosure of the breach will no longer interfere with the investigation�
26 Sec. 45.48.030. Methods of notice. An information collector shall make the
27 disclosure required by AS 45.48.010
28 (1) by a written document sent to the most recent address the
29 information collector has for the state resident;
30 (2) by electronic means if making the disclosure by the electronic
31 means is consistent with the provisions regarding electronic records and signatures
01 required for notices legally required to be in writing under 15 U.S.C. 7001 et seq.
02 (Electronic Signatures in Global and National Commerce Act); or
03 (3) if the information collector demonstrates that the cost of providing
04 notice would exceed $250,000, that the affected class of state residents to be notified
05 exceeds 500,000, or that the information collector does not have sufficient contact
06 information to provide notice, by
07 (A) electronic mail if the information collector has an
08 electronic mail address for the state resident;
09 (B) conspicuously posting the disclosure on the Internet
10 website of the information collector if the information collector maintains an
11 Internet site; and
12 (C) providing a notice to major statewide media.
13 Sec. 45.48.040. Notification of certain other agencies. (a) If an information
14 collector is required by AS 45.48.010 to notify more than 1,000 state residents of a
15 breach, the information collector shall also notify without unreasonable delay all
16 consumer reporting agencies that compile and maintain files on consumers on a
17 nationwide basis and provide the agencies with the timing, distribution, and content of
18 the notices.
19 (b) This section may not be construed to require the information collector to
20 provide the consumer reporting agencies identified under (a) of this section with the
21 names or other personal information of the state residents whose personal information
22 was subject to the breach.
23 (c) This section does not apply to an information collector who is subject to 15
24 U.S.C. 6801 - 6827 (Gramm-Leach-Bliley Financial Modernization Act).
25 (d) In this section, "consumer reporting agency that compiles and maintains
26 files on consumers on a nationwide basis" has the meaning given in 15 U.S.C.
27 1681a(p).
28 Sec. 45.48.050. Exception for employees and agents. In AS 45.48.010 -
29 45.48.090, the good faith acquisition of personal information by an employee or agent
30 of an information collector for a legitimate purpose of the information collector is not
31 a breach of the security of the information system if the employee or agent does not
01 use the personal information for a purpose unrelated to a legitimate purpose of the
02 information collector and does not make further unauthorized disclosure of the
03 personal information.
04 Sec. 45.48.060. Waivers. A waiver of AS 45.48.010 - 45.48.090 is void and
05 unenforceable.
06 Sec. 45.48.070. Treatment of certain breaches. (a) If a breach of the security
07 of the information system containing personal information on a state resident that is
08 maintained by an information recipient occurs, the information recipient is not
09 required to comply with AS 45.48.010 - 45.48.030. However, immediately after the
10 information recipient discovers the breach, the information recipient shall notify the
11 information distributor who owns the personal information or who licensed the use of
12 the personal information to the information recipient about the breach and cooperate
13 with the information distributor as necessary to allow the information distributor to
14 comply with (b) of this section. In this subsection, "cooperate" means sharing with the
15 information distributor information relevant to the breach, except for confidential
16 business information or trade secrets.
17 (b) If an information recipient notifies an information distributor of a breach
18 under (a) of this section, the information distributor shall comply with AS 45.48.010 -
19 45.48.030 as if the breach occurred to the information system maintained by the
20 information distributor.
21 Sec. 45.48.080. Violations. (a) If an information collector who is a
22 governmental agency violates AS 45.48.010 - 45.48.090 with regard to the personal
23 information of a state resident, the information collector
24 (1) is liable to the state for a civil penalty of up to $500 for each state
25 resident who was not notified under AS 45.48.010 - 45.48.090, but the total civil
26 penalty may not exceed $50,000; and
27 (2) may be enjoined from further violations.
28 (b) If an information collector who is not a governmental agency violates
29 AS 45.48.010 - 45.48.090 with regard to the personal information of a state resident,
30 the violation is an unfair or deceptive act or practice under AS 45.50.471 - 45.50.561.
31 However, the information collector is not subject to the civil penalties imposed under
01 AS 45.50.551 but is liable to the state for a civil penalty of up to $500 for each state
02 resident who was not notified under AS 45.48.010 - 45.48.090, except that the total
03 civil penalty may not exceed $50,000.
04 (c) The Department of Administration may enforce (a) of this section against a
05 governmental agency. The procedure for review of an order or action of the
06 department under this subsection is the same as the procedure provided by AS 44.62
07 (Administrative Procedure Act), except that the office of administrative hearings
08 (AS 44.64.010) shall conduct the hearings in contested cases and the decision may be
09 appealed under AS 44.64.030(c).
10 (d) In this section, "governmental agency" means a state or local governmental
11 agency, except for an agency of the judicial branch.
12 Sec. 45.48.090. Definitions. In AS 45.48.010 - 45.48.090,
13 (1) "breach of the security" means unauthorized acquisition, or
14 reasonable belief of unauthorized acquisition, of personal information that
15 compromises the security, confidentiality, or integrity of the personal information
16 maintained by the information collector; in this paragraph, "acquisition" includes
17 acquisition by
18 (A) photocopying, facsimile, or other paper-based method;
19 (B) a device, including a computer, that can read, write, or
20 store information that is represented in numerical form; or
21 (C) a method not identified by (A) or (B) of this paragraph;
22 (2) "information collector" means a person who owns or uses personal
23 information in any form if the personal information includes personal information on a
24 state resident;
25 (3) "information distributor" means a person who is an information
26 collector and who owns or licenses personal information to an information recipient;
27 (4) "information recipient" means a person who is an information
28 collector but who does not own or have the right to license to another information
29 collector the personal information received by the person from an information
30 distributor;
31 (5) "personal information" means information in any form on an
01 individual that is not encrypted or redacted, or is encrypted and the encryption key has
02 been accessed or acquired, and that consists of a combination of
03 (A) an individual's name, address, or telephone number; in this
04 subparagraph, "individual's name" means a combination of an individual's
05 (i) first name or first initial; and
06 (ii) last name; and
07 (B) one or more of the following information elements:
08 (i) the individual's social security number;
09 (ii) the individual's driver's license number or state
10 identification card number;
11 (iii) the individual's account number, credit card
12 account number, or debit card account number;
13 (iv) account passwords or personal identification
14 numbers or other access codes.
15 Article 2. Credit Report and Credit Score Security Freeze.
16 Sec. 45.48.100. Security freeze authorized. A consumer may prohibit a
17 consumer credit reporting agency from releasing all or a part of the consumer's credit
18 report or credit score without the express authorization of the consumer by placing a
19 security freeze on the consumer's credit report.
20 Sec. 45.48.110. Placement of security freeze. (a) To place a security freeze, a
21 consumer shall make the request to the consumer credit reporting agency
22 (1) by certified mail to the address designated by the consumer credit
23 reporting agency to receive security freeze requests; or
24 (2) as allowed by (b) of this section.
25 (b) A consumer may make a request under (a) of this section by telephone or
26 by fax, the Internet, or other electronic media if the consumer credit reporting agency
27 has developed procedures for using the telephone or an electronic medium to receive
28 and process the request in an expedited manner.
29 (c) A consumer credit reporting agency shall place a security freeze within
30 five business days after receiving a request under (a) or (b) of this section and proper
31 identification from the consumer.
01 Sec. 45.48.120. Confirmation of security freeze. (a) Within 10 business days
02 after a consumer makes the request under AS 45.48.110, a consumer credit reporting
03 agency shall send a written confirmation of the placement of the security freeze to the
04 consumer.
05 (b) At the same time that the consumer credit reporting agency sends a
06 confirmation under (a) of this section, the consumer credit reporting agency shall
07 provide the consumer with a unique personal identification number, password, or
08 similar device to be used by the consumer when the consumer authorizes the release of
09 the consumer's credit report or credit score under AS 45.48.130.
10 Sec. 45.48.130. Access and actions during security freeze. (a) While a
11 security freeze is in place, a consumer credit reporting agency shall allow a third party
12 access to a consumer's credit report or credit score if the consumer requests that the
13 consumer credit reporting agency allow the access.
14 (b) To make a request under (a) of this section, the consumer shall contact the
15 consumer credit reporting agency by certified mail to the address designated by the
16 consumer credit reporting agency to receive security freeze requests or as allowed by
17 (c) of this section, authorize the consumer credit reporting agency to allow the access,
18 and provide the consumer credit reporting agency with
19 (1) proper identification to verify the consumer's identity;
20 (2) the unique personal identification number, password, or similar
21 device provided under AS 45.48.120(b); and
22 (3) the proper information necessary to identify the third party to
23 whom the consumer credit reporting agency may allow the access or the time period
24 during which the consumer credit reporting agency may allow the access to third
25 parties who request the access.
26 (c) In addition to certified mail, a consumer may make a request under (a) of
27 this section by telephone or by fax, the Internet, or other electronic media if the
28 consumer credit reporting agency has developed procedures for using the telephone or
29 an electronic medium to receive and process the request in an expedited manner.
30 (d) A consumer credit reporting agency that receives a request from a
31 consumer under (b) or (c) of this section shall comply with the request immediately
01 after receiving the request by telephone or by an electronic medium or within three
02 business days after receiving the request by certified mail.
03 (e) If a security freeze is in place, a consumer credit reporting agency may not
04 release the credit report or credit score to a third party without the prior express
05 authorization of the consumer.
06 (f) If a security freeze is in place on a consumer's credit report and credit score
07 and if a third party applies to a consumer credit reporting agency to provide the third
08 party with access to the consumer's credit report or credit score, the consumer credit
09 reporting agency and, except as provided for insurers under (g) of this section, the
10 third party may treat the third party's application as incomplete unless the consumer
11 authorizes the access under (a) of this section.
12 (g) If an insurer requests access to a consumer report on which a security
13 freeze is in place, unless the consumer authorizes access under (a) of this section, the
14 insurer may, notwithstanding AS 21.36.460,
15 (1) treat the consumer's application as incomplete;
16 (2) decline the consumer's application if the consumer does not lift the
17 security freeze for the insurer after a request by the insurer or the insurer's agent;
18 (3) treat the consumer as if the consumer has a neutral credit rating;
19 (4) exclude the use of credit information as a factor and use only
20 underwriting criteria; or
21 (5) treat the consumer in a manner that is otherwise approved by the
22 division of insurance.
23 (h) If a security freeze is in place, a consumer credit reporting agency may not
24 change the consumer's official information in the credit report without sending a
25 written statement of the change to the consumer within 30 days after the change is
26 made. A consumer credit reporting agency is not required to send a written statement
27 if the consumer credit reporting agency makes a technical change in the consumer's
28 official information. If a consumer credit reporting agency makes a change, other than
29 a technical change, in a consumer's address, the consumer credit reporting agency
30 shall send the written statement to the consumer at both the new address and the
31 former address. In this subsection,
01 (1) "official information" means name, birth date, social security
02 number, and address;
03 (2) "technical change" means changing spelling, transposing numbers
04 or letters, abbreviating a word, or spelling out an abbreviation.
05 (i) This section is not intended to prevent a consumer credit reporting agency
06 from advising a third party that requests access to a consumer's credit report or credit
07 score that a security freeze is in effect.
08 (j) The procedures used by a consumer credit reporting agency for
09 implementing the provisions of this section may include the use of telephone,
10 facsimile, or electronic means if making the disclosure by the electronic means is
11 consistent with the provisions regarding electronic records and signatures required for
12 notices legally required to be in writing under 15 U.S.C. 7001 et seq. (Electronic
13 Signatures in Global and National Commerce Act), Internet, electronic mail, or
14 another electronic method.
15 Sec. 45.48.140. Removal of security freeze. (a) Except as provided by
16 AS 45.48.130, a consumer credit reporting agency may not remove a security freeze
17 unless
18 (1) the consumer requests that the consumer credit reporting agency
19 remove the security freeze under (b) of this section; or
20 (2) the consumer made a material misrepresentation of fact to the
21 consumer credit reporting agency when the consumer requested the security freeze
22 under AS 45.48.110; if a consumer credit reporting agency intends to remove a
23 security freeze on a consumer's credit report under this paragraph, the consumer credit
24 reporting agency shall notify the consumer in writing before removing the security
25 freeze.
26 (b) A consumer credit reporting agency shall remove a security freeze
27 immediately after receiving a request for removal from the consumer who requested
28 the security freeze.
29 (c) To make a request under (b) of this section, the consumer shall contact the
30 consumer credit reporting agency by certified mail or as allowed by (d) of this section,
31 authorize the consumer credit reporting agency to remove the security freeze, and
01 provide the consumer credit reporting agency with
02 (1) proper identification to verify the consumer's identity; and
03 (2) the unique personal identification number, password, or similar
04 device provided under AS 45.48.120(b).
05 (d) In addition to certified mail, a consumer may make a request under (b) of
06 this section by telephone or by fax, the Internet, or other electronic media if the
07 consumer credit reporting agency has developed procedures for using the telephone or
08 an electronic medium to receive and process the request in an expedited manner.
09 Sec. 45.48.150. Prohibition. When dealing with a third party, a consumer
10 credit reporting agency may not suggest, state, or imply that a consumer's security
11 freeze reflects a negative credit score, history, report, or rating.
12 Sec. 45.48.160. Charges. (a) Except as provided by (b) of this section, a
13 consumer credit reporting agency may not charge a consumer to place or remove a
14 security freeze, to provide access under AS 45.48.130, or to take any other action,
15 including the issuance of a personal identification number, password, or similar device
16 under AS 45.48.120, that is related to the placement of, removal of, or allowing access
17 to a credit report or credit score on which a security freeze has been placed.
18 (b) If a consumer fails to retain a personal identification number, password, or
19 similar device issued under AS 45.48.120, a consumer credit reporting agency may
20 charge the consumer up to $5 for each time after the first time that the consumer credit
21 reporting agency issues the consumer another personal identification number,
22 password, or similar device because the consumer failed to retain the personal
23 identification number, password, or similar device. �
24 Sec. 45.48.170. Notice of rights. When a consumer credit reporting agency is
25 required to give a consumer a summary of rights under 15 U.S.C. 1681g (Fair Credit
26 Reporting Act), a consumer credit reporting agency shall also give the consumer the
27 following notice:
28 Consumers Have the Right to Obtain a Security Freeze
29 You may obtain a security freeze on your credit report and
30 credit score at no charge to protect your privacy and ensure that credit
31 is not granted in your name without your knowledge. You have a right
01 to place a "security freeze" on your credit report and credit score under
02 state law (AS 45.48.100 - 45.48.290).
03 The security freeze will prohibit a consumer credit reporting
04 agency from releasing your credit score and any information in your
05 credit report without your express authorization or approval.
06 The security freeze is designed to prevent credit, loans, and
07 other services from being approved in your name without your consent.
08 However, you should be aware that using a security freeze to take
09 control over who gets access to the personal and financial information
10 in your credit report and credit score may delay, interfere with, or
11 prohibit the timely approval of any subsequent request or application
12 you make regarding a new loan, credit, a mortgage, a governmental
13 service, a governmental payment, rental housing, employment, an
14 investment, a license, a cellular telephone, a utility, a digital signature,
15 an Internet credit card transaction, an extension of credit at point of
16 sale, and other items and services.
17 When you place a security freeze on your credit report and
18 credit score, within 10 business days you will be provided a personal
19 identification number, password, or similar device to use if you choose
20 to remove the freeze on your credit report and credit score or to
21 temporarily authorize the release of your credit report and credit score
22 to a specific third party or specific third parties or for a specific period
23 of time after the freeze is in place. To provide that authorization, you
24 must contact the consumer credit reporting agency and provide all of
25 the following:
26 (1) proper identification to verify your identity;
27 (2) the personal identification number, password, or
28 similar device provided by the consumer credit reporting agency;
29 (3) proper information necessary to identify the third
30 party or third parties who are authorized to receive the credit report and
31 credit score or the specific period of time for which the credit report
01 and credit score are to be available to third parties.
02 A consumer credit reporting agency that receives your request
03 to temporarily lift a freeze on a credit report and credit score is required
04 to comply with the request immediately after receiving your request if
05 you make the request by telephone, or an electronic method if the
06 agency provides an electronic method, or within three business days
07 after receiving your request if you make the request by certified mail.
08 A security freeze does not apply to circumstances where you
09 have an existing account relationship and a copy of your credit report
10 and credit score are requested by your existing creditor or its agents or
11 affiliates for certain types of account review, collection, fraud control,
12 or similar activities.
13 If you are actively seeking credit, you should understand that
14 the procedures involved in lifting a security freeze may slow your own
15 applications for credit. You should plan ahead and lift a freeze, either
16 completely if you are shopping around, or specifically for a certain
17 creditor, days before applying for new credit.
18 You have a right to bring a civil action against someone who
19 violates your rights under these laws on security freezes. The action can
20 be brought against a consumer credit reporting agency.
21 Sec. 45.48.180. Notification after violation. If a consumer credit reporting
22 agency violates a security freeze by releasing a consumer's credit report or credit
23 score, the consumer credit reporting agency shall notify the consumer within five
24 business days after the release, and the information in the notice must include an
25 identification of the information released and of the third party who received the
26 information.
27 Sec. 45.48.190. Violations and penalties. (a) A consumer who suffers
28 damages as a result of a person's violation of AS 45.48.100 - 45.48.290 may bring an
29 action in court against the person and recover, in the case of a violation where the
30 person acted
31 (1) negligently, actual damages, including loss of wages, and, when
01 applicable, damages for pain and suffering;
02 (2) knowingly,
03 (A) damages as described in (1) of this subsection;
04 (B) punitive damages that are not less than $100 nor more than
05 $5,000 for each violation as the court determines to be appropriate; and
06 (C) other relief that the court determines to be appropriate.
07 (b) A consumer may bring an action in court against a person for a violation or
08 threatened violation of AS 45.48.100 - 45.48.290 for injunctive relief, whether or
09 not the consumer seeks another remedy under this section.
10 (c) Notwithstanding (a)(2) of this section, a person who knowingly violates
11 AS 45.48.100 - 45.48.290 is liable in a class action for an amount that the court
12 allows. When determining the amount of an award in a class action under this
13 subsection, the court shall consider, among the relevant factors, the amount of any
14 actual damages awarded, the frequency of the violations, the resources of the violator,
15 and the number of consumers adversely affected.
16 (d) In this section, "knowingly" has the meaning given in AS 11.81.900.
17 Sec. 45.48.200. Exemptions. The provisions of AS 45.48.100 - 45.48.290 do
18 not apply to the use of a credit report by
19 (1) a person, the person's subsidiary, affiliate, or agent, or the person's
20 assignee with whom a consumer has or, before the assignment, had an account,
21 contract, or debtor-creditor relationship if the purpose of the use is to review the
22 consumer's account or to collect a financial obligation owing on the account, contract,
23 or debt;
24 (2) a subsidiary, an affiliate, an agent, an assignee, or a prospective
25 assignee of a person to whom access has been granted under AS 45.48.130 if the
26 purpose of the use is to facilitate the extension of credit or another permissible use;
27 (3) a person acting under a court order, warrant, or subpoena;
28 (4) an agency of a state or municipality that administers a program for
29 establishing and enforcing child support obligations;
30 (5) the Department of Health and Social Services, its agents, or its
31 assigns when investigating fraud;
01 (6) the Department of Revenue, its agents, or its assigns when
02 investigating or collecting delinquent taxes or unpaid court orders or when
03 implementing its other statutory responsibilities;
04 (7) a person if the purpose of the use is prescreening allowed under 15
05 U.S.C. 1681b(c) (Fair Credit Reporting Act);
06 (8) a person administering a credit file monitoring subscription service
07 to which the consumer has subscribed;
08 (9) a person providing a consumer with a copy of the consumer's credit
09 report or credit score at the consumer's request;
10 (10) a consumer credit reporting agency if the data base or file of the
11 consumer credit reporting agency consists entirely of information concerning and used
12 solely for one or more of the following purposes:
13 (A) criminal record information;
14 (B) personal loss history information;
15 (C) fraud prevention or detection;
16 (D) tenant screening; or
17 (E) employment screening; or
18 (11) a person who acts only as a reseller of consumer information by
19 assembling and merging information contained in the data bases of consumer credit
20 reporting agencies and does not maintain a permanent data base of consumer
21 information from which new consumer credit reports are produced.
22 Sec. 45.48.290. Definitions. In AS 45.48.100 - 45.48.290,
23 (1) "account review" means activities related to account maintenance,
24 account monitoring, credit line increases, and account upgrades and enhancements;
25 (2) "consumer" means an individual who is the subject of a credit
26 report or credit score;
27 (3) "consumer credit reporting agency" has the meaning given in
28 AS 45.48.990, but does not include a person who issues reports
29 (A) on incidents of fraud or authorizations for the purpose of
30 approving or processing negotiable instruments, electronic funds transfers, or
31 similar methods of payments; or
01 (B) regarding account closures because of fraud, substantial
02 overdrafts, automated teller machine abuse, or similar negative information
03 regarding a consumer to inquiring banks or other financial institutions for use
04 only in reviewing consumer requests for deposit accounts at the inquiring
05 banks or financial institutions;
06 (4) "security freeze" means a prohibition against a consumer credit
07 reporting agency from releasing all or a part of a consumer's credit report or credit
08 score without the express authorization of the consumer;
09 (5) "third party" means a person who is not
10 (A) the consumer who is the subject of the consumer's credit
11 report or credit score; or
12 (B) the consumer credit reporting agency that is holding the
13 consumer's credit report or credit score.
14 Article 3. Consumer Credit Monitoring; Credit Accuracy.
15 Sec. 45.48.300. Required disclosure. A consumer credit reporting agency
16 shall, if a consumer makes the request and the request is not covered by the free
17 disclosure provision of 15 U.S.C. 1681j(a) - (d) (Fair Credit Reporting Act), clearly
18 and accurately disclose to the consumer the information described under
19 AS 45.48.310.
20 Sec. 45.48.310. Information to be disclosed. (a) The following information
21 must be disclosed under AS 45.48.300:
22 (1) all information in the consumer's file when the consumer makes the
23 request, except that this paragraph may not be construed to require a consumer credit
24 reporting agency to disclose information concerning credit scores, risk scores, or other
25 predictors that are governed by 15 U.S.C. 1681g;
26 (2) the sources of the information described in (1) of this subsection;
27 (3) an identification of each person, including each end user identified
28 under 15 U.S.C. 1681e, who procured a report on the consumer
29 (A) for employment purposes during the two-year period that
30 precedes the date when the consumer's request is made; or
31 (B) for a purpose other than employment purposes during the
01 one-year period that precedes the date when the consumer's request is made;
02 (4) the dates, original payees, and amounts of any checks that
03 (A) provide the basis for an adverse characterization of the
04 consumer; and
05 (B) are included in the file when the disclosure is made or can
06 be inferred from the file;
07 (5) a record of all inquiries that were received by the consumer credit
08 reporting agency during the one-year period that precedes the request and that identify
09 the consumer in connection with a credit or insurance transaction that was not initiated
10 by the consumer; and
11 (6) a statement that the consumer may request and obtain a credit score
12 if the consumer requests the credit file and not the credit score.
13 (b) The information to be disclosed under (a)(3) of this section must include
14 (1) the name of the person or, if applicable, the full trade name under
15 which the person conducts business; and
16 (2) the address and telephone number of the person if requested by the
17 consumer.
18 (c) A consumer credit reporting agency is not required to disclose the
19 information described in (a)(3) of this section if
20 (1) the end user is an agency of the United States government and
21 procures the consumer's credit report from the consumer credit reporting agency to
22 determine the eligibility of the consumer to receive access or continued access to
23 classified information; in this paragraph, "classified information" has the meaning
24 given in 15 U.S.C. 1681b; and
25 (2) the individual who is in charge of the end user makes a written
26 finding as prescribed under 15 U.S.C. 1681b(b)(4)(A).
27 Sec. 45.48.320. Cost of disclosure. (a) A consumer credit reporting agency
28 may impose a reasonable charge on a consumer for making a disclosure under
29 AS 45.48.300. The charge may not exceed
30 (1) $2 for each of the first 12 requests from the consumer in a calendar
31 year;
01 (2) $8 for each request beyond the 12 requests covered by (1) of this
02 subsection in a calendar year.
03 (b) The consumer credit reporting agency shall disclose the charge to the
04 consumer before making the disclosure under AS 45.48.300.
05 Sec. 45.48.330. Form of disclosure. (a) A consumer may make a request
06 under AS 45.48.300 in writing, in person, by telephone if the consumer has made a
07 written request for the disclosure, by electronic means if the consumer credit reporting
08 agency offers electronic access for any other purpose, or by any other reasonable
09 means that is available from the consumer credit reporting agency.
10 (b) To make a request in person under (a) of this section, the consumer shall,
11 after reasonable notice to the consumer credit reporting agency, appear during normal
12 business hours at the consumer credit reporting agency's place of business where the
13 consumer credit reporting agency normally provides disclosures under AS 45.48.300.
14 Sec. 45.48.340. Timing of disclosure. A consumer credit reporting agency
15 shall provide a consumer with the disclosure under AS 45.48.300 within
16 (1) 24 hours after the date on which the request is made if the
17 disclosure is made by electronic means under AS 45.48.330(a); or
18 (2) five days after the date on which the request is made if the
19 disclosure is made in writing, in person, by telephone, or by any other reasonable
20 means that is available from the consumer credit reporting agency, except by
21 electronic means.
22 Sec. 45.48.350. Credit accuracy. (a) A person who does business in the state
23 by distributing information about an individual's credit history, score, or ranking shall,
24 when notified that the information that the person is distributing is inaccurate,
25 immediately stop distributing the information until the accuracy of the information can
26 be verified or the inaccuracies in the information corrected.
27 (b) If a person who does business in the state by distributing information about
28 an individual's credit history, score, or ranking releases information about an
29 individual that is inaccurate, the person shall, as quickly as possible after discovering
30 that inaccurate information is being distributed,
31 (1) repair, to the extent possible, the damage to the individual caused
01 by the release of the inaccurate information; and
02 (2) pay fair and reasonable compensation to the individual for the
03 damage caused to the individual by the release of the inaccurate information.
04 (c) If a person fails to comply with (b) of this section, an individual may bring
05 an action in court to compel the person to comply with (b) of this section.
06 (d) In this section, "does business in the state" means engages in activities that
07 provide at least the minimum contacts required by substantive due process for the state
08 to exercise jurisdiction over the person who is engaging in the activities.
09 Article 4. Protection of Social Security Number.
10 Sec. 45.48.400. Use of social security number. A person may not
11 (1) intentionally communicate or otherwise make available to the
12 general public an individual's social security number;
13 (2) print an individual's social security number on a card required for
14 the individual to access products or services provided by the person;
15 (3) require an individual to transmit the individual's social security
16 number over the Internet unless the Internet connection is secure or the social security
17 number is encrypted;
18 (4) require an individual to use the individual's social security number
19 to access an Internet site unless a password, a unique personal identification number,
20 or another authentication device is also required to access the site; or
21 (5) print an individual's social security number on material that is
22 mailed to the individual unless
23 (A) local, state, or federal law, including a regulation adopted
24 under AS 45.48.470, expressly authorizes placement of the social security
25 number on the material; or
26 (B) the social security number is included on an application or
27 other form, including a document sent as a part of an application process or an
28 enrollment process, sent by mail to establish, amend, or terminate an account, a
29 contract, or a policy, or to confirm the accuracy of the social security number;
30 however, a social security number allowed to be mailed under this
31 subparagraph may not be printed, in whole or in part, on a postcard or other
01 mailer that does not require an envelope, or in a manner that makes the social
02 security number visible on the envelope or without the envelope's being
03 opened.
04 Sec. 45.48.410. Request and collection. (a) A person who does business in the
05 state, including the business of government, may not request or collect an individual's
06 social security number. This subsection does not prohibit a person from asking for
07 another form of identification from the individual.
08 (b) The prohibition in (a) of this section does not apply
09 (1) if the person is expressly authorized by local, state, or federal law,
10 including a regulation adopted under AS 45.48.470, to demand proof of the
11 individual's social security number, to collect the individual's social security number,
12 or to submit the individual's social security number to the local, state, or federal
13 government;
14 (2) to a financial institution that is regulated by 15 U.S.C. 6801 - 6827
15 (Gramm-Leach-Bliley Financial Modernization Act) if the financial institution
16 requests or collects the individual's social security number to facilitate a transaction of
17 the individual;
18 (3) to a communication to or from a consumer reporting agency; in this
19 paragraph, "consumer reporting agency" has the meaning given in 15 U.S.C. 1681a
20 (Fair Credit Reporting Act); or
21 (4) if the request or collection is for a background check on the
22 individual, law enforcement purposes, or the individual's employment, including
23 employment benefits.
24 Sec. 45.48.420. Sale, lease, loan, trade, or rental. (a) A person may not sell,
25 lease, loan, trade, or rent an individual's social security number to a third party.
26 (b) The prohibition in (a) of this section does not apply if the sale, lease, loan,
27 trade, or rental is
28 (1) expressly authorized by local, state, or federal law, including a
29 regulation adopted under AS 45.48.470;
30 (2) part of a report prepared by a consumer credit reporting agency in
31 response to a request by a person and the person submits the social security number as
01 part of the request to the consumer credit reporting agency for the preparation of the
02 report.
03 Sec. 45.48.430. Disclosure. (a) A person doing business, including the
04 business of government, may not disclose an individual's social security number to a
05 third party.
06 (b) The prohibition in (a) of this section does not apply if
07 (1) the disclosure is expressly authorized by local, state, or federal law,
08 including a regulation adopted under AS 45.48.470;
09 (2) the third party is a financial institution that is regulated by 15
10 U.S.C. 6801 - 6827 (Gramm-Leach-Bliley Financial Modernization Act), and the
11 disclosure is to facilitate a transaction of the individual;
12 (3) the disclosure is part of a report prepared by a consumer credit
13 reporting agency in response to a request by a person and the person submits the social
14 security number as part of the request to the consumer credit reporting agency for the
15 preparation of the report; or
16 (4) the disclosure is for a background check on the individual, law
17 enforcement purposes, or the individual's employment, including employment
18 benefits.
19 Sec. 45.48.440. Interagency disclosure. Notwithstanding the other provisions
20 of AS 45.48.400 - 45.48.480, a state or local governmental agency may disclose an
21 individual's social security number to another state or local governmental agency or to
22 an agency of the federal government if the disclosure is required in order for the
23 agency to carry out the agency's duties and responsibilities.
24 Sec. 45.48.450. Exception for employees, agents, and independent
25 contractors. (a) Notwithstanding the other provisions of AS 45.48.400 - 45.48.480, a
26 person may disclose an individual's social security number to an employee or agent of
27 the person for a legitimate purpose established by and as directed by the person, but
28 the employee or agent may not use the social security number for another purpose or
29 make an unauthorized disclosure of the individual's personal information.
30 (b) Notwithstanding the other provisions of AS 45.48.400 - 45.48.480, and
31 except as provided for an agent under (a) of this section, a person may disclose an
01 individual's social security number to an independent contractor of the person to
02 facilitate the purpose or transaction for which the individual initially provided the
03 social security number to the person, but the independent contractor may not use the
04 social security number for another purpose or make an unauthorized disclosure of the
05 individual's personal information.
06 Sec. 45.48.460. Employment-related exception. The provisions of
07 AS 45.48.400 - 45.48.480 may not be construed to restrict a person's use or exchange
08 of an individual's social security number
09 (1) in the course of the administration of a claim, benefit, or procedure
10 related to the individual's employment by the person, including the individual's
11 termination from employment, retirement from employment, and injury suffered
12 during the course of employment; or
13 (2) to check on an unemployment insurance claim of the individual.
14 Sec. 45.48.470. Agency regulations. If regulations are necessary in order for a
15 state agency to carry out the state agency's duties and responsibilities, a state agency
16 may adopt regulations under AS 44.62 (Administrative Procedure Act) to establish
17 when the state agency or a person regulated by the state agency may
18 (1) print an individual's social security number on material that is
19 mailed to the individual;
20 (2) demand proof from an individual of the individual's social security
21 number, collect from an individual the individual's social security number, or submit
22 an individual's social security number to a local, state, or federal agency;
23 (3) ask an individual to provide the state agency with the individual's
24 social security number;
25 (4) disclose an individual's social security number to a third party;
26 (5) sell, lease, loan, trade, or rent an individual's social security number
27 to a third party.
28 Sec. 45.48.480. Penalties. (a) A person who knowingly violates AS 45.48.400
29 - 45.48.430 is liable to the state for a civil penalty not to exceed $3,000.
30 (b) An individual may bring a civil action in court against a person who
31 knowingly violates AS 45.48.400 - 45.48.430 and may recover actual damages or
01 $5,000, whichever amount is greater, and court costs and attorney fees allowed by the
02 rules of court.
03 (c) A person who knowingly violates AS 45.48.400 - 45.48.430 is guilty of a
04 class A misdemeanor.
05 (d) In this section, "knowingly" has the meaning given in AS 11.81.900.
06 Article 5. Disposal of Records.
07 Sec. 45.48.500. Disposal of records. (a) When disposing of records that
08 contain personal information, a business and a governmental agency shall take all
09 reasonable measures necessary to protect against unauthorized access to or use of the
10 records.
11 (b) Notwithstanding (a) of this section, if a business or governmental agency
12 has otherwise complied with the provisions of AS 45.48.500 - 45.48.590 in the
13 selection of a third party engaged in the business of record destruction, the business or
14 governmental agency is not liable for the disposal of records under AS 45.48.500 -
15 45.48.590 after the business or governmental agency has relinquished control of the
16 records to the third party for the destruction of the records.
17 (c) A business or governmental agency is not liable for the disposal of records
18 under AS 45.48.500 - 45.48.590 after the business or governmental agency has
19 relinquished control of the records to the individual to whom the records pertain.
20 Sec. 45.48.510. Measures to protect access. The measures that may be taken
21 to comply with AS 45.48.500 include
22 (1) implementing and monitoring compliance with policies and
23 procedures that require the burning, pulverizing, or shredding of paper documents
24 containing personal information so that the personal information cannot practicably be
25 read or reconstructed;
26 (2) implementing and monitoring compliance with policies and
27 procedures that require the destruction or erasure of electronic media and other
28 nonpaper media containing personal information so that the personal information
29 cannot practicably be read or reconstructed;
30 (3) after due diligence, entering into a written contract with a third
31 party engaged in the business of record destruction to dispose of records containing
01 personal information in a manner consistent with AS 45.48.500 - 45.48.590.
02 Sec. 45.48.520. Due diligence. In AS 45.48.510(3), due diligence ordinarily
03 includes performing one or more of the following:
04 (1) reviewing an independent audit of the third party's operations and
05 its compliance with AS 45.48.500 - 45.48.590;
06 (2) obtaining information about the third party from several references
07 or other reliable sources and requiring that the third party be certified by a recognized
08 trade association or similar organization with a reputation for high standards of quality
09 review; or
10 (3) reviewing and evaluating the third party's information security
11 policies and procedures, or taking other appropriate measures to determine the
12 competency and integrity of the third party.
13 Sec. 45.48.530. Policy and procedures. A business or governmental agency
14 shall adopt written policies and procedures that relate to the adequate destruction and
15 proper disposal of records containing personal information and that are consistent with
16 AS 45.48.500 - 45.48.590.
17 Sec. 45.48.540. Exemptions. (a) A business or a governmental agency is not
18 required to comply with AS 45.48.500 - 45.48.530 if federal law requires that the
19 business or governmental agency act in a way that does not comply with AS 45.48.500
20 - 45.48.530.
21 (b) A business is not required to comply with AS 45.48.500 - 45.48.530 if
22 (1) the business is subject to and in compliance with 15 U.S.C. 6801 -
23 6827 (Gramm-Leach-Bliley Financial Modernization Act); or
24 (2) the manner of the disposal of the records of the business is subject
25 to 15 U.S.C. 1681w (Fair Credit Reporting Act) and the business is complying with 15
26 U.S.C. 1861w.
27 Sec. 45.48.550. Civil penalty. (a) An individual, a business, or a governmental
28 agency that knowingly violates AS 45.48.500 - 45.48.590 is liable to the state for a
29 civil penalty not to exceed $3,000.
30 (b) In this section, "knowingly" has the meaning given in AS 11.81.900.
31 Sec. 45.48.560. Court action. An individual who is damaged by a violation of
01 AS 45.48.500 - 45.48.590 may bring a civil action in court to enjoin further violations
02 and to recover damages for the violation and court costs and attorney fees allowed by
03 the rules of court.
04 Sec. 45.48.590. Definitions. In AS 45.48.500 - 45.48.590,
05 (1) "business" means a person who conducts business in the state or a
06 person who conducts business and maintains or otherwise possesses personal
07 information on state residents; in this paragraph,
08 (A) "conducts business" includes engaging in activities as a
09 financial institution organized, chartered, or holding a license or authorization
10 certificate under the laws of this state, another state, the United States, or
11 another country;
12 (B) "possesses" includes possession for the purpose of
13 destruction;
14 (2) "dispose" means
15 (A) the discarding or abandonment of records containing
16 personal information;
17 (B) the sale, donation, discarding, or transfer of
18 (i) any medium, including computer equipment or
19 computer media, that contains records of personal information;
20 (ii) nonpaper media, other than that identified under (i)
21 of this subparagraph, on which records of personal information are
22 stored; and
23 (iii) equipment for nonpaper storage of information;
24 (3) "governmental agency" means a state or local governmental
25 agency, except for an agency of the judicial branch;
26 (4) "personal information" means information that identifies, relates to,
27 describes, or is capable of being associated with a particular individual, and includes a
28 name, signature, social security number, fingerprint, photograph, computerized image,
29 physical characteristic, physical description, address, telephone number, passport
30 number, driver's license, state identification number, date of birth, medical
31 information, bank account number, credit card number, debit card number, and
01 financial information;
02 (5) "records" means material on which information that is written,
03 drawn, spoken, visual, or electromagnetic is recorded or preserved, regardless of
04 physical form or characteristics, but does not include publicly available directories
05 containing names, addresses, telephone numbers, or other information an individual
06 has voluntarily consented to have publicly disseminated or listed.
07 Article 6. Factual Declaration of Innocence after Identity Theft; Right to File Police
08 Report Regarding Identity Theft.
09 Sec. 45.48.600. Factual declaration of innocence after identity theft. (a) A
10 victim of identity theft may petition the superior court for a determination that the
11 victim is factually innocent of a crime if
12 (1) the perpetrator of the identity theft was arrested for, cited for, or
13 convicted of the crime using the victim's identity;
14 (2) a criminal complaint was filed against the perpetrator of the
15 identity theft;
16 (3) the victim's identity was mistakenly associated with a record of a
17 conviction for a crime.
18 (b) In addition to a petition by a victim under (a) of this section, the
19 department may petition the superior court for a determination under (a) of this
20 section, or the superior court may, on its own motion, make a determination under (a)
21 of this section.
22 Sec. 45.48.610. Basis for determination. A determination of factual
23 innocence under AS 45.48.600 may be heard and made on declarations, affidavits,
24 police reports, or other material, relevant, and reliable information submitted by the
25 parties or ordered to be made a part of the record by the court.
26 Sec. 45.48.620. Criteria for determination; court order. (a) A court shall
27 determine that a victim is factually innocent of a crime if the court finds that the
28 petition or motion brought under AS 45.48.600 is meritorious and that
29 (1) there is not a reasonable cause to believe that the victim of the
30 identity theft committed the crime for which the perpetrator of the identity theft was
31 arrested, cited, or convicted, or was subject to a criminal complaint in the victim's
01 name; or
02 (2) the victim's identity was mistakenly associated with a record of a
03 conviction of a crime.
04 (b) If a court finds under this section that the victim is factually innocent of a
05 crime, the court shall issue an order indicating this determination of factual innocence
06 and shall provide the victim with a copy of the order.
07 Sec. 45.48.630. Orders regarding records. After a court issues an order under
08 AS 45.48.620, the court may order the name and associated personal information of
09 the victim of identity theft that is contained in the files, indexes, and other records of
10 the court that are accessible by the public deleted, sealed, or labeled to show that the
11 name and personal information of the victim of identity theft is incorrect.
12 Sec. 45.48.640. Vacation of determination. A court that has issued an order
13 under AS 45.48.620 may, at any time, vacate the order if the petition, or any
14 information submitted in support of the petition, is found to contain a material
15 misrepresentation or fraudulent material.
16 Sec. 45.48.650. Court form. The supreme court of the state may develop a
17 form to be used for the order under AS 45.48.620.
18 Sec. 45.48.660. Data base. The department may establish and maintain a data
19 base of individuals who have been victims of identity theft and who have received an
20 order under AS 45.48.620. The department shall provide a victim or the victim's
21 authorized representative access to a data base established under this section to
22 establish that the individual has been a victim of identity theft. Access to the a data
23 base established under this section is limited to criminal justice agencies, victims of
24 identity theft, and individuals and agencies authorized by the victims.
25 Sec. 45.48.670. Toll-free telephone number. The department may establish
26 and maintain a toll-free telephone number to provide access to information in a data
27 base established under AS 45.48.660.
28 Sec. 45.48.680. Right to file police report regarding identity theft. (a) Even
29 if the local law enforcement agency does not have jurisdiction over the theft of an
30 individual's identity, if an individual who has learned or reasonably suspects the
31 individual has been the victim of identity theft contacts, for the purpose of filing a
01 complaint, a local law enforcement agency that has jurisdiction over the individual's
02 actual place of residence, the local law enforcement agency shall make a report of the
03 matter and provide the individual with a copy of the report. The local law enforcement
04 agency may refer the matter to a law enforcement agency in a different jurisdiction.
05 (b) This section is not intended to interfere with the discretion of a local law
06 enforcement agency to allocate its resources to the investigation of crime. A local law
07 enforcement agency is not required to count a complaint filed under (a) of this section
08 as an open case for purposes that include compiling statistics on its open cases.
09 Sec. 45.48.690. Definitions. In AS 45.48.600 - 45.48.690,
10 (1) "crime" has the meaning given in AS 11.81.900;
11 (2) "department" means the Department of Law;
12 (3) "identity theft" means the theft of the identity of an individual;
13 (4) "perpetrator" means the person who perpetrated the theft of an
14 individual's identity;
15 (5) "victim" means an individual who is the victim of identity theft.
16 Article 7. Consumer Credit Header Information.
17 Sec. 45.48.700. Consumer credit header information. (a) A consumer credit
18 reporting agency may not furnish by a written, an oral, or another method of
19 communication a consumer's credit header information to a person unless
20 (1) the person has a permissible purpose under 15 U.S.C. 1681b (Fair
21 Credit Protection Act) to obtain the consumer's credit report; or
22 (2) the disclosure is part of a report prepared by the consumer credit
23 reporting agency in response to a request by a person and the person submits the social
24 security number as part of the request to the consumer credit reporting agency for the
25 preparation of the report.
26 (b) In this section, "credit header information" means the social security
27 number of a consumer, or a derivative of the social security number, the maiden name
28 of the mother of the consumer, the birth date of the consumer, and other personally
29 identifiable information of a consumer that is derived from nonpublic personal
30 information, except the name, address, and telephone number of the consumer listed in
31 a residential telephone directory available in the locality of the consumer.
01 Article 8. Truncation of Card Information.
02 Sec. 45.48.750. Truncation of card information. (a) A person who accepts
03 credit cards or debit cards for the transaction of business may not print more than the
04 last five digits of the card number or the expiration date on any receipt provided to the
05 cardholder at the point of the sale or transaction.
06 (b) This section applies only to receipts that are electronically printed and does
07 not apply to transactions in which the sole means of recording a credit card or debit
08 card account number is by handwriting or by an imprint or copy of the card.
09 (c) An individual may bring a civil action in court against a person who
10 knowingly violates this section and may recover actual damages or $5,000, whichever
11 is greater, and court costs and attorney fees allowed by the rules of court.
12 (d) A person who knowingly violates this section is liable to the state for a
13 civil penalty not to exceed $3,000.
14 (e) A person who knowingly violates this section is guilty of a class A
15 misdemeanor.
16 (f) In this section,
17 (1) "credit" means the right granted by a creditor to a debtor to defer
18 payment of debt, to incur debts and defer payment of the debt, or to purchase property
19 or services and defer payment of the purchase;�in this paragraph, "creditor" means a
20 person who regularly extends, renews, or continues credit, a person who regularly
21 arranges for the extension, renewal, or continuation of credit, or an assignee of an
22 original creditor who participates in the decision to extend, renew, or continue credit;
23 (2) "credit card" means a card, plate, coupon book, or other credit
24 device existing for the purpose of obtaining money, property, labor, or services on
25 credit;
26 (3) "debit card" means a card issued by a financial institution to a
27 consumer for use in initiating an electronic fund transfer from the account of the
28 consumer at the financial institution for the purpose of transferring money between
29 accounts or obtaining money, property, labor, or services;
30 (4) "knowingly" has the meaning given in AS 11.81.900.
31 Article 9. General Provisions.
01 Sec. 45.48.990. Definitions. In this chapter, unless the context indicates
02 otherwise,
03 (1) "consumer" means an individual;
04 (2) "consumer credit reporting agency" means a person who, for
05 monetary fees, dues, or on a cooperative nonprofit basis, regularly engages in whole or
06 in part in the practice of assembling or evaluating consumer credit information or
07 other information on consumers for the purpose of furnishing credit reports to third
08 parties;
09 (3) "credit report" means a written, oral, or other communication of
10 information by a consumer credit reporting agency bearing on a consumer's credit
11 worthiness, credit standing, credit capacity, character, general reputation, personal
12 characteristics, or mode of living if the communication is used or expected to be used
13 or collected in whole or in part to serve as a factor in establishing the consumer's
14 eligibility for
15 (A) credit or insurance to be used primarily for personal,
16 family, or household purposes;
17 (B) employment purposes; or
18 (C) any other permissible purpose authorized under section 15
19 U.S.C. 1681b;
20 (4) "information system" means any information system, including a
21 system consisting of digital data bases and a system consisting of pieces of paper;
22 (5) "person" has the meaning given in AS 01.10.060 and includes a
23 state or local governmental agency, except for an agency of the judicial branch;
24 (6) "state resident" means an individual who satisfies the residency
25 requirements under AS 01.10.055.
26 Sec. 45.48.995. Short title. This chapter may be cited as the Alaska Personal
27 Information Protection Act.
28 * Sec. 4. AS 45.50.471(b) is amended by adding a new paragraph to read:
29 (52) an information collector, other than a governmental agency,
30 violating AS 45.48.010 - 45.48.090 (breach of security involving personal
31 information); in this paragraph,
01 (A) "governmental agency" has the meaning given in
02 AS 45.48.080;
03 (B) "information collector" has the meaning given in
04 AS 45.48.090.
05 * Sec. 5. The uncodified law of the State of Alaska is amended by adding a new section to
06 read:
07 INDIRECT COURT RULE AMENDMENT. AS 45.48.640, enacted by sec. 3 of this
08 Act, has the effect of changing Rule 60(b), Alaska Rules of Civil Procedure, by allowing a
09 court to vacate an order on its own motion and at any time and by establishing a specific
10 criterion for vacating the order under AS 45.48.640.
11 * Sec. 6. AS 45.48.470, enacted by sec. 3 of this Act, takes effect immediately under
12 AS 01.10.070(c).
