BreachExchange mailing list archives
NJ assembly passes bill requiring information stored on copy machines, scanner be deleted
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Wed, 30 May 2012 12:05:44 -0400
http://www.courierpostonline.com/article/20120529/NEWS02/120529003/1007/news02 In an effort to combat identity theft, a bill that would require information stored on copier machines and scanners used by consumers be wiped clean has passed the New Jersey Assembly. Democrats Paul Moriarty, Herb Conaway, M.D., and Dan Benson sponsored to combat identity theft by requiring the hard drives of all digital copy machines to be wiped clean to protect sensitive, personal information was approved 51-28 Thursday. The information is stored on each machine, in some cases in perpetuity, unbeknownst to millions of consumers. "Most digital copy machines use internal hard drives, which store every document that has been scanned, printed, faxed or emailed by the machines, many times numbering in the tens of thousands by the time copier is resold or returned at the end of a lease agreement," said Moriarty D-Gloucester/Camden, who chairs the committee. "Besides the serious threat of identity theft, consumers are also vulnerable to repercussions posed by sensitive medical records or police documents," said Conaway (D-Burlington) "There's a simple way to eliminate these risks and we need to make sure it's instituted." According to a 2008 survey commissioned by electronics manufacturer Sharp, 60 percent of consumers are not aware that copiers store images on a hard drive. The bill (A-1238) requires that a person destroy, or arrange for the destruction of, all records stored on a digital copy machine, which is no longer to be retained by that person, by erasing or otherwise modifying those records to make the records unreadable, undecipherable or through generally available means. "It probably wouldn't even occur to most people that documents they scan or print on a copier are stored on that machine, sometimes for the entire life-time of the machine," said Benson, D-Mercer/Middlesex. "Given how often electronics are leased or resold these days, it's important that measures safeguarding against identity theft are put into place." The bill calls for the owner of a digital copy machine, and the lessee to whom the digital copy machine is leased, are responsible for the destruction, or arranging for the destruction, of all records stored on that machine. According to the bill, a person that willfully or knowingly violates the provisions of the bill is liable to a penalty of up to $2,500 for the first offense and up to $5,000 for the second and each subsequent offense. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- NJ assembly passes bill requiring information stored on copy machines, scanner be deleted Jake Kouns (May 30)