SEARCH SITE

VIRGINIA LAW PORTAL

SEARCHABLE DATABASES

ACROSS SESSIONS

Developed and maintained by the Division of Legislative Automated Systems.

2015 SESSION

  • | print version

HB 1562 Electronic identity management; standards, liability.

Introduced by: Thomas Davis Rust | all patrons    ...    notes | add to my profiles | history

SUMMARY AS PASSED:

Electronic identity management; standards; liability. Creates the Identity Management Standards Advisory Council to advise the Secretaries of Technology and Transportation on the adoption of technical and data standards regarding the verification and authentication of identity in digital and online transactions. The bill establishes in the Code of Virginia the concept of an identity trust framework operator, an entity that establishes rules and policies for identity providers operating within the framework and issues electronic trustmarks to such providers signifying compliance with the rules and policies of that trust framework. The bill also establishes limitation on liability for providers that adhere to the adopted standards, the applicable contract terms, and the rules and policies of the identity trust framework provider, absent gross negligence or willful misconduct. The bill provides that the provider's adherence to the adopted standards and applicable contract terms of the identity framework shall satisfy any requirement for a commercially reasonable security or attribution procedure under Title 8.4A (Commercial Code), the Uniform Electronic Transactions Act (§ 59.1-479 et seq.), and the Uniform Computer Information Transactions Act (§ 59.1-501.1 et seq.). This bill is identical to SB 814.

SUMMARY AS PASSED HOUSE:

Electronic identity management; standards; liability. Creates the Identity Management Standards Advisory Council to advise the Secretary of Technology on the adoption of technical and data standards regarding the verification and authentication of identity in digital and online transactions. The bill also establishes in the Code of Virginia the concept of an identity trust framework operator, an entity that establishes rules and policies for identity providers operating within the framework and issues electronic trustmarks to such providers signifying compliance with the rules and policies of that trust framework. The bill provides that electronic identity providers and identity trust framework operators shall not be liable if the issuance of an identity credential or assignment of an identity attribute or trustmark was in compliance with (i) the Commonwealth's identity management standards in place at the time of issuance or assignment, (ii) applicable terms of any contractual agreement with a contracting party, and (iii) any written rules and policies of the identity trust framework of which it is a member, absent gross negligence or willful misconduct.

SUMMARY AS INTRODUCED:

Electronic identity management; standards; liability. Creates the Identity Management Standards Advisory Council to advise the Secretaries of Technology and Transportation on the adoption of technical and data standards regarding the verification and authentication of identity in digital and online transactions. Electronic identity providers that adhere to the adopted standards would be immune from civil liability related to the issuance of an electronic identity credential, absent gross negligence or willful misconduct. The bill also establishes in the Code of Virginia the concept of an identity trust framework operator, an entity that establishes rules and policies for identity providers operating within the framework and issues electronic trustmarks to such providers signifying compliance with the rules and policies of that trust framework.