1. CNET, “ChoicePoint Data Theft Widens to 145,000 People,” February 18, 2005. https://www.cnet.com/news/choicepoint-data-theft-widens-to-145000-people/ (accessed April 27, 2020).
2. PC World, “ChoicePoint Details Data Breach Lessons,” June 11, 2007. https://www.pcworld.com/article/132795/article.html (accessed April 27, 2020).
3. Federal Trade Commission, “ChoicePoint Settles Data Security Breach Charges; to Pay $10 Million in Civil Penalties, $5 Million for Consumer Redress,” January 26, 2006. https://www.ftc.gov/news-events/press-releases/2006/01/choicepoint-settles-data-security-breach-charges-pay-10-million (accessed April 27, 2020).
4. InfoWorld, “States Settle With ChoicePoint Over 2004 Breach,” May 31, 2007. https://www.infoworld.com/article/2662493/states-settle-with-choicepoint-over-2004-breach.html (accessed April 27, 2020).
5. Federal Trade Commission, “Consumer Data Broker ChoicePoint Failed to Protect Consumers’ Personal Data, Left Key Electronic Monitoring Tool Turned Off for Four Months,” October 19, 2009. https://www.ftc.gov/news-events/press-releases/2009/10/consumer-data-broker-choicepoint-failed-protect-consumers (accessed April 27, 2020).
6. California Civil Code, sec. 1798.29, and sec. 1798.82.
7. California Civil Code, sec. 1798.29, and sec. 1798.82.
8. California Civil Code, sec. 1798.84.
9. National Conference of State Legislatures, “Security Breach Notification Laws,” March 8, 2020. https://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx (accessed April 27, 2020).
10. Ohio Revised Code, sec. 1347.12.
11. Ohio Revised Code, sec. 1347.12, and sec. 1349.19.
12. Florida Statutes, sec. 817.5681.
13. Maine Revised Statutes, Title 10, sec. 1348.
14. North Carolina General Statutes, sec. 75-65.
15. Colorado Revised Statutes, sec. 6-1-716.
16. Massachusetts Gen. Laws ch. 93H, sec. 1- 6.
17. Indiana Code, sec. 24-4.9-2-4.
18. Texas Business and Commercial Code Annotated, sec. 521.151.
19. Florida Statutes, sec. 817.5681.
20. Indiana Code, sec. 24-4.9-4-2.
21. Minnesota Statutes, sec. 325E.64.
22. Minnesota Statutes, sec. 325E.64.
23. Nevada Revised Statutes, sec. 603A.215.
24. Washington Revised Code, sec. 19.255.020.
25. Nevada Revised Statutes, sec. 603A.040.
26. Indiana Code, sec. 36-2-7.5-4.
27. Indiana Code, sec. 4-1-10-3(b).
28. Indiana Code, sec. 35-50-2-7.
29. Arizona Revised Statutes, sec. 44-1373.
30. California Civil Code Title 1.81.5, sec. 1798.100-1798.199.
31. Massachusetts General Law, chapter 93H, sec. 2.
32. Code of Massachusetts Regulations, Title 201, sec. 17.01-17.05.
33. Code of Massachusetts Regulations, Title 201, sec. 17.03.
34. Code of Massachusetts Regulations, Title 201, sec. 17.04.
35. Massachusetts General Law, chapter 93A, sec. 4.
36. Nevada Revised Statutes, sec. 603A.215.
37. Massachusetts General Law, chapter 93H, sec. 1.
38. Nevada Revised Statutes, sec. 603A.215.
39. Nevada Revised Statutes, sec. 603A.215.
40. National Conference of State Legislatures, “Data Disposal Laws,” January 4, 2020. https://www.ncsl.org/research/telecommunications-and-information-technology/data-disposal-laws.aspx (accessed April 27, 2020).
41. Revised Code of Washington, Title 19, sec. 19.215.005 to 19.215.030.
42. Revised Code of Washington, Title 19, sec. 19.215.005.
43. Revised Code of Washington, Title 19, sec. 19.215.010.
44. Revised Code of Washington, Title 19, sec. 19.215.020.
45. New York’s General Business Law, sec. 399-H.
46. Department of Veterans Affairs, Data Breach Fine Rule, Code of Federal Regulations, Title 38, sec. 75.117.