Assembly Democrats Paul Moriarty, Herb Conaway, M.D., and Dan Benson sponsored A-1238 to combat identity theft by requiring the hard drives of all digital copy machines to be wiped clean to protect sensitive, personal information. The bill was approved 51-28 on May 31by the Assembly.
The information stored on each digital copy machine, in some cases in perpetuity, is unbeknownst to millions of consumers. In a Democratic press release the following was stated:
“Most digital copy machines use internal hard drives, which store every document that has been scanned, printed, faxed or emailed by the machines, many times numbering in the tens of thousands by the time a copier is resold or returned at the end of a lease agreement,” said Moriarty (D-Gloucester/Camden), who chairs the committee. “According to news reports, most businesses do not erase the hard drive on a copier before getting rid of it, putting the highly sensitive information of millions of consumers at serious risk of theft.”
“Besides the serious threat of identity theft, consumers are also vulnerable to repercussions posed by sensitive medical records or police documents,” said Conaway (D-Burlington) “There’s a simple way to eliminate these risks and we need to make sure it’s instituted.”
According to a 2008 survey commissioned by electronics manufacturer Sharp, 60 percent of consumers are not aware that copiers store images on a hard drive.
The bill requires that a person destroy, or arrange for the destruction of, all records stored on a digital copy machine, which is no longer to be retained by that person, by erasing or otherwise modifying those records to make the records unreadable, undecipherable or nonreconstructable through generally available means.
“It probably wouldn’t even occur to most people that documents they scan or print on a copier are stored on that machine, sometimes for the entire life-time of the machine,” said Benson (D-Mercer/Middlesex). “Given how often electronics are leased or resold these days, it’s important that measures safeguarding against identity theft are put into place.”
The bill provides that a lessor of a digital copy machine, and the lessee to whom the digital copy machine is leased, are responsible for the destruction, or arranging for the destruction, of all records stored on that machine.
Additionally, the fee a lessor may charge a lessee for the destruction, or arranging for the destruction, of the records cannot exceed one week’s value of the lease, up to $100, and may only be charged if the lessee has not destroyed, or arranged for the destruction of the records.
A person that willfully or knowingly violates the provisions of the bill is liable to a penalty of up to $2,500 for the first offense and up to $5,000 for the second and each subsequent offense.
The provisions of this bill shall be enforced by the Attorney General.
A person damaged in business or property as a result of a violation of this bill may sue the actor in the Superior Court and may recover compensatory and punitive damages and the cost of the suit including a reasonable attorney’s fee, costs of investigation and litigation.
The bill requires manufacturers of digital copy machines to include instructions with each copier explaining how to destroy or arrange for the destruction of the records stored on that machine.
The measure shall take effect on the 60th day following enactment, and applies to lease agreements of digital copy machines which are in effect or entered into on or after the effective date, and sales which are concluded on or after the effective date.
The bill will now be referred to the Senate for consideration.