(1) As used in this section, the term:
(a) “Personal information” means an individual’s name, address, date of birth, driver license number, or identification card number.
Terms Used In Florida Statutes 322.143
- Contract: A legal written agreement that becomes binding when signed.
- Corporation: A legal entity owned by the holders of shares of stock that have been issued, and that can own, receive, and transfer property, and carry on business in its own name.
- Driver license: means a certificate that, subject to all other requirements of law, authorizes an individual to drive a motor vehicle and denotes an operator's license as defined in 49 U. See Florida Statutes 409.25659
- Fair Credit Reporting Act: A federal law, established in 1971 and revised in 1997, that gives consumers the right to see their credit records and correct any mistakes. Source: OCC
- Fraud: Intentional deception resulting in injury to another.
- Identification card: means a personal identification card issued by the department which conforms to the definition in 18 U. See Florida Statutes 409.25659
- Partnership: A voluntary contract between two or more persons to pool some or all of their assets into a business, with the agreement that there will be a proportional sharing of profits and losses.
- person: includes individuals, children, firms, associations, joint adventures, partnerships, estates, trusts, business trusts, syndicates, fiduciaries, corporations, and all other groups or combinations. See Florida Statutes 88.6011
(b) “Private entity” means any nongovernmental entity, such as a corporation, partnership, company or nonprofit organization, any other legal entity, or any natural person.
(c) “Swipe” means the act of passing a driver license or identification card through a device that is capable of deciphering, in an electronically readable format, the information electronically encoded in a magnetic strip or bar code on the driver license or identification card.
(2) Except as provided in subsection (6), a private entity may not swipe an individual’s driver license or identification card, except for the following purposes:
(a) To verify the authenticity of a driver license or identification card or to verify the identity of the individual if the individual pays for a good or service with a method other than cash, returns an item, or requests a refund.
(b) To verify the individual’s age when providing an age-restricted good or service.
(c) To prevent fraud or other criminal activity if an individual returns an item or requests a refund and the private entity uses a fraud prevention service company or system.
(d) To transmit information to a check services company for the purpose of approving negotiable instruments, electronic funds transfers, or similar methods of payment.
(e) To comply with a legal requirement to record, retain, or transmit the driver license information.
(3) A private entity that swipes an individual’s driver license or identification card under paragraph (2)(a) or paragraph (2)(b) may not store, sell, or share personal information collected from swiping the driver license or identification card.
(4) A private entity that swipes an individual’s driver license or identification card under paragraph (2)(c) or paragraph (2)(d) may store or share personal information collected from swiping an individual’s driver license or identification card for the purpose of preventing fraud or other criminal activity against the private entity.
(5)(a) A person other than an entity regulated by the federal Fair Credit Reporting Act, 15 U.S.C. 1681 et seq., who receives personal information from a private entity under subsection (4) may use the personal information received only to prevent fraud or other criminal activity against the private entity that provided the personal information.
(b) A person who is regulated by the federal Fair Credit Reporting Act and who receives personal information from a private entity under subsection (4) may use or provide the personal information received only to effect, administer, or enforce a transaction or prevent fraud or other criminal activity, if the person provides or receives personal information under contract from the private entity.
(6)(a) An individual may consent to allow the private entity to swipe the individual’s driver license or identification card to collect and store personal information. However, the individual must be informed what information is collected and the purpose or purposes for which it will be used.
(b) If the individual does not want the private entity to swipe the individual’s driver license or identification card, the private entity may manually collect personal information from the individual.
(7) The private entity may not withhold the provision of goods or services solely as a result of the individual requesting the collection of the data in subsection (6) from the individual through manual means.
(8) A private entity that violates this section may be subject to a civil penalty not to exceed $5,000 per occurrence.
(9) This section does not apply to a financial institution as defined in s. 655.005(1)(i).