HB-4729, As Passed House, September 9, 2009

SUBSTITUTE FOR

HOUSE BILL NO. 4729

(As amended September 9, 2009)

     A bill to amend 2004 PA 452, entitled

"Identity theft protection act,"

(MCL 445.61 to 445.77) by adding section 14; and to repeal acts and

parts of acts.

THE PEOPLE OF THE STATE OF MICHIGAN ENACT:

     Sec. 14. (1) The identity theft protection commission is

established in the department of information technology and, except

as provided in subsection (10), is 1 of the advisory workgroups of

the information privacy protection council as authorized under

section VI-E of Executive Reorganization Order No. 2009-18.

     (2) The identity theft commission shall consist of [11] members

as follows:

House Bill No. 4729 (H-2) as amended September 9, 2009

     (a) The director of the department of information technology

or his or her designated representative, who shall serve as

chairperson of the commission.

     (b) The director of the department of state police or his or

her designated representative.

     (c) The commissioner of the office of financial and insurance

regulation or his or her designated representative.

     (d) The state treasurer or his or her designated

representative.

     (e) Three members of the general public to represent the

interests of consumers, 1 appointed by the governor, 1 appointed by

the governor from a list of 3 or more nominees submitted by the

speaker of the house of representatives, and 1 appointed by the

governor from a list of 3 or more nominees submitted by the

majority leader of the senate.

     (f) Two members of the business community, [1 appointed by the

governor from a list of 3 or more nominees submitted by the speaker of

the house of representatives, and 1 appointed by the governor from a list of 3 or more nominees submitted by the majority leader of the senate.

     (g) Two members of the nonprofit community from organizations whose missions deal substantially with protecting consumer privacy, 1 appointed by the governor from a list of 3 or more nominees submitted by the speaker of the house of representatives, and 1 appointed by the governor from a list of 3 or more nominees submitted by the majority leader of the senate.]

     (3) By September 30, 2011, the identity theft commission shall

do all of the following:

     (a) Organize and adopt standards governing the commission's

formal and informal procedures.

     (b) Keep a record of the proceedings and activities of the

commission.

     (c) Review and provide recommendations to the governor and to

the information privacy protection council concerning state rules,

guidelines, or procedures related to identity theft protection and

prevention.

     (d) Review and provide recommendations to the legislature and

to the information privacy protection council concerning

legislative action related to identity theft protection and

prevention.

     (e) Provide recommendations to the public and to the

information privacy protection council concerning business

practices related to identity theft protection and prevention.

     (f) Provide recommendations to state agencies and departments

and to the information privacy protection council on reducing the

use of social security numbers by those agencies or departments.

     (g) Establish a process for recognizing persons or agencies

that have exemplary business practices in identity theft protection

and prevention.

     (h) Make recommendations to the department of information

technology and to the information privacy protection council

concerning the design and content of the identity theft information

website described in subsection (9).

     (i) Perform any other duties the commission determines are

appropriate related to identity theft protection and prevention.

     (4) A majority of the members of the identity theft commission

constitute a quorum for the purpose of conducting business and

exercising the powers of the identity theft commission. Official

action of the identity theft commission may be taken upon a vote of

a majority of the members of the identity theft commission.

     (5) The identity theft commission may adopt, amend, and

rescind bylaws, rules, and regulations for the conduct of its

business.

     (6) Members of the identity theft commission shall serve

without compensation, but are entitled to actual and necessary

expenses incurred in the performance of official duties under this

section.

     (7) The commission shall conduct its business at public

meetings held in compliance with the open meetings act, 1976 PA

267, MCL 15.261 to 15.275. A writing prepared, owned, used, in the

possession of, or retained by the commission in the performance of

an official function shall be available to the public in compliance

with the freedom of information act, 1976 PA 442, MCL 15.231 to

15.246.

     (8) The department of information technology shall provide

staff assistance to the identity theft commission as necessary to

carry out the commission's duties under this section.

     (9) The department of information technology shall establish

and maintain an identity theft information website. The department

of information technology shall consider the recommendations of the

identity theft commission in selecting the design and content of

the website.

     (10) If the information privacy protection council created

under section VI of Executive Reorganization Order No. 2009-18 is

not fully operational within 30 days after the effective date of

this act, the identity theft protection commission created in

subsection (1) shall not be 1 of the advisory workgroups of the

information protection privacy council but shall instead exist as a

separate commission within the department of information

technology. For purposes of this subsection, the information

privacy protection council is fully operational when all of its

members have been appointed, and at least 1 meeting of the council

has been held. If the identity theft protection commission does

become 1 of the advisory workgroups of the information protection

security council, but the information protection security council

subsequently is abolished by law or executive order, the identity

theft protection commission shall continue its existence as a

separate commission within the department of information

technology.

     Enacting section 1. Section 14 of the identity theft

protection act, 2004 PA 452, MCL 445.74, is repealed effective

December 31, 2011.

     Enacting section 2. This amendatory act does not take effect

unless all of the following bills of the 95th Legislature are

enacted into law:

     (a) House Bill No. 4730.

     (b) House Bill No. 4731.

     (c) House Bill No. 4732.

     (d) House Bill No. 4733.

     (e) House Bill No. 4734.