2021 Oregon Revised Statutes
Chapter 646A - Trade Regulation
Section 646A.602 - Definitions for ORS 646A.600 to 646A.628.


(1)(a) "Breach of security" means an unauthorized acquisition of computerized data that materially compromises the security, confidentiality or integrity of personal information that a person maintains or possesses.
(b) "Breach of security" does not include an inadvertent acquisition of personal information by a person or the person’s employee or agent if the personal information is not used in violation of applicable law or in a manner that harms or poses an actual threat to the security, confidentiality or integrity of the personal information.
(2) "Consumer" means an individual resident of this state.
(3) "Consumer report" means a consumer report as described in section 603(d) of the federal Fair Credit Reporting Act (15 U.S.C. 1681a(d)), as that Act existed on January 1, 2020, that a consumer reporting agency compiles and maintains.
(4) "Consumer reporting agency" means a consumer reporting agency as described in section 603(p) of the federal Fair Credit Reporting Act (15 U.S.C. 1681a(p)) as that Act existed on January 1, 2020.
(5)(a) "Covered entity" means a person that owns, licenses, maintains, stores, manages, collects, processes, acquires or otherwise possesses personal information in the course of the person’s business, vocation, occupation or volunteer activities.
(b) "Covered entity" does not include a person described in paragraph (a) of this subsection to the extent that the person acts solely as a vendor.
(6) "Debt" means any obligation or alleged obligation arising out of a consumer transaction.
(7) "Encryption" means an algorithmic process that renders data unreadable or unusable without the use of a confidential process or key.
(8) "Extension of credit" means a right to defer paying debt or a right to incur debt and defer paying the debt, that is offered or granted primarily for personal, family or household purposes.
(9) "Identity theft" has the meaning set forth in ORS 165.800.
(10) "Identity theft declaration" means a completed and signed statement that documents alleged identity theft, using a form available from the Federal Trade Commission, or another substantially similar form.
(11) "Person" means an individual, private or public corporation, partnership, cooperative, association, estate, limited liability company, organization or other entity, whether or not organized to operate at a profit, or a public body as defined in ORS 174.109.
(12)(a) "Personal information" means:
(A) A consumer’s first name or first initial and last name in combination with any one or more of the following data elements, if encryption, redaction or other methods have not rendered the data elements unusable or if the data elements are encrypted and the encryption key has been acquired:
(i) A consumer’s Social Security number;
(ii) A consumer’s driver license number or state identification card number issued by the Department of Transportation;
(iii) A consumer’s passport number or other identification number issued by the United States;
(iv) A consumer’s financial account number, credit card number or debit card number, in combination with any required security code, access code or password that would permit access to a consumer’s financial account, or any other information or combination of information that a person reasonably knows or should know would permit access to the consumer’s financial account;
(v) Data from automatic measurements of a consumer’s physical characteristics, such as an image of a fingerprint, retina or iris, that are used to authenticate the consumer’s identity in the course of a financial transaction or other transaction;
(vi) A consumer’s health insurance policy number or health insurance subscriber identification number in combination with any other unique identifier that a health insurer uses to identify the consumer; or
(vii) Any information about a consumer’s medical history or mental or physical condition or about a health care professional’s medical diagnosis or treatment of the consumer.
(B) A user name or other means of identifying a consumer for the purpose of permitting access to the consumer’s account, together with any other method necessary to authenticate the user name or means of identification.
(C) Any of the data elements or any combination of the data elements described in subparagraph (A) or (B) of this paragraph without the consumer’s user name, or the consumer’s first name or first initial and last name, if:
(i) Encryption, redaction or other methods have not rendered the data element or combination of data elements unusable; and
(ii) The data element or combination of data elements would enable a person to commit identity theft against a consumer.
(b) "Personal information" does not include information in a federal, state or local government record, other than a Social Security number, that is lawfully made available to the public.
(13) "Proper identification" means written information or documentation that a consumer or representative can present to another person as evidence of the consumer’s or representative’s identity, examples of which include:
(a) A valid Social Security number or a copy of a valid Social Security card;
(b) A certified or otherwise official copy of a birth certificate that a governmental body issued; and
(c) A copy of a driver license or other government-issued identification.
(14) "Protected consumer" means an individual who is:
(a) Not older than 16 years old at the time a representative requests a security freeze on the individual’s behalf; or
(b) Incapacitated or for whom a court or other authority has appointed a guardian or conservator.
(15) "Protective record" means information that a consumer reporting agency compiles to identify a protected consumer for whom the consumer reporting agency has not prepared a consumer report.
(16) "Redacted" means altered or truncated so that no more than the last four digits of a Social Security number, driver license number, state identification card number, passport number or other number issued by the United States, financial account number, credit card number or debit card number is visible or accessible.
(17) "Representative" means a consumer who provides a consumer reporting agency with sufficient proof of the consumer’s authority to act on a protected consumer’s behalf.
(18) "Security freeze" means a notice placed in a consumer report at a consumer’s request or a representative’s request or in a protective record at a representative’s request that, subject to certain exemptions, prohibits a consumer reporting agency from releasing information in the consumer report or the protective record for an extension of credit, unless the consumer temporarily lifts the security freeze on the consumer’s consumer report or a protected consumer or representative removes the security freeze on or deletes the protective record.
(19) "Vendor" means a person with which a covered entity contracts to maintain, store, manage, process or otherwise access personal information for the purpose of, or in connection with, providing services to or on behalf of the covered entity. [2007 c.759 §2; 2013 c.415 §1; 2015 c.357 §1; 2018 c.10 §1; 2019 c.180 §2]

<< Previous
Next >>

Structure 2021 Oregon Revised Statutes

2021 Oregon Revised Statutes

Volume : 16 - Trade Practices, Labor and Employment

Chapter 646A - Trade Regulation

Section 646A.030 - Definitions for ORS 646A.030 to 646A.042.

Section 646A.032 - Price list for health spa services.

Section 646A.034 - Contracts; contents.

Section 646A.038 - Moneys paid prior to facility opening; disposition; priority of claim; refund.

Section 646A.050 - Definitions.

Section 646A.052 - Form of purchase agreement.

Section 646A.060 - Purchase of used goods; records; application to pawnbrokers.

Section 646A.064 - Definitions for ORS 646A.064 to 646A.067.

Section 646A.065 - Records required for transactions involving items of precious metal; maintenance required of precious metal secondhand dealer; retention of items of precious metal.

Section 646A.066 - Applicability to local ordinances.

Section 646A.068 - Penalty for violating ORS 646A.065.

Section 646A.070 - Sale of telephonic equipment; disclosure requirements; enforcement; penalty.

Section 646A.072 - Exceptions to disclosure requirements.

Section 646A.075 - Required information prior to purchase of dog.

Section 646A.077 - Qualification for full refund; replacement dog; reimbursement for cost of veterinary care; exceptions.

Section 646A.080 - Sale of novelty item containing mercury; penalty.

Section 646A.081 - Prohibition on sale or installation of mercury vapor outdoor lighting fixtures.

Section 646A.082 - Floral retail sales; disclosure of principal place of business; enforcement; penalty.

Section 646A.085 - Sale of rights by distributor to exhibit motion picture without first giving exhibitor opportunity to view motion picture prohibited; attorney fees.

Section 646A.090 - Offer to sell or lease motor vehicle under retail installment contract or lease agreement; return of items if lender does not approve loan; charges for use of vehicle; exceptions.

Section 646A.092 - Advertisements for sale or lease of motor vehicle; exceptions.

Section 646A.093 - Disclosures for handling and shipping consumer goods required in advertisements, offers and sales; penalty.

Section 646A.095 - Disclosure required when purchaser of product offered technical support through information delivery system.

Section 646A.097 - Payment of sales commissions following termination of contract between sales representative and principal; definitions; civil action.

Section 646A.100 - Definitions for ORS 646A.100 to 646A.110.

Section 646A.102 - Notice of intent to conduct going out of business sale; display and filing; exceptions; prohibited activities.

Section 646A.104 - Information required in notice of intent.

Section 646A.108 - Prohibited conduct.

Section 646A.110 - Applicability of ORS 646A.100 to 646A.110 and 646A.112.

Section 646A.112 - Injunction of sham sale; evidence; attorney fees; defense; definitions.

Section 646A.115 - Software prohibited that interferes with sale of admission tickets to entertainment events; unlawful practice.

Section 646A.120 - Definitions for ORS 646A.120 to 646A.134.

Section 646A.122 - Applicability of ORS 646A.120 to 646A.134.

Section 646A.124 - General disclosure requirements.

Section 646A.126 - Specific disclosure requirements.

Section 646A.128 - Provisions prohibited in lease-purchase agreements.

Section 646A.130 - Reinstatement of lease-purchase agreement by consumer; receipt for each payment.

Section 646A.132 - Renegotiation or extension of lease-purchase agreement.

Section 646A.134 - Disclosures required in advertisement for lease-purchase agreements.

Section 646A.140 - Definitions for ORS 646A.140 and 646A.142.

Section 646A.142 - Rental vehicle collision damage waiver notice.

Section 646A.150 - Applicability of ORS 646A.150 to 646A.172.

Section 646A.152 - Definitions for ORS 646A.150 to 646A.172.

Section 646A.154 - Service contract defined; registration; proof of financial stability; bond; action; rules; applicability of Insurance Code.

Section 646A.156 - Required contents of service contracts.

Section 646A.158 - Prohibited conduct.

Section 646A.160 - Service contract obligor as agent of insurer; indemnification or subrogation rights of insurer.

Section 646A.162 - Investigation of violations; inspection of records; subpoenas; discontinue or desist order; civil penalties.

Section 646A.164 - Complaints and investigations confidential; exceptions.

Section 646A.166 - Refusal to continue or suspension or revocation of registration.

Section 646A.168 - Assessment fee; rules; purpose; registration fee.

Section 646A.172 - Rules; exemption of certain obligors.

Section 646A.200 - Definitions for ORS 646A.202 and 646A.204.

Section 646A.204 - Customer information.

Section 646A.210 - Requiring credit card number as condition for accepting check or share draft prohibited; exceptions.

Section 646A.214 - Verification of identity in credit or debit card transactions.

Section 646A.220 - Credit card solicitation; required disclosure; definitions.

Section 646A.222 - Charge card solicitation; required disclosure; definitions.

Section 646A.230 - Action by Attorney General or district attorney; civil and criminal penalties.

Section 646A.240 - Treatment of child support obligations by creditor in applications for extensions of credit.

Section 646A.244 - Cause of action for violation of ORS 646A.240; injunction; attorney fees; defenses.

Section 646A.274 - Definitions for ORS 646A.276 and 646A.278.

Section 646A.276 - Sale of gift card that expires, declines in value, includes fee or does not give option to redeem.

Section 646A.278 - Requirements for sale of gift card that expires.

Section 646A.280 - Definitions for ORS 646A.280 to 646A.290.

Section 646A.282 - Simulated invoices prohibited.

Section 646A.284 - Cause of action by Attorney General; judgment; attorney fees.

Section 646A.286 - Cause of action by private party; judgment; attorney fees.

Section 646A.288 - Presumptions in cause of action brought under ORS 646A.284 or 646A.286.

Section 646A.290 - Construction; other remedies.

Section 646A.293 - Definitions for ORS 646A.293 and 646A.295.

Section 646A.295 - Prohibited actions; requirements; timing; failure to obtain consent; exceptions.

Section 646A.300 - Definitions for ORS 646A.300 to 646A.322.

Section 646A.304 - Payment for farm implements, parts, software, tools and signs upon termination of retailer agreement.

Section 646A.306 - Repurchase of inventory by supplier; effect of new retailer agreement.

Section 646A.308 - Civil action for supplier’s failure to pay; venue.

Section 646A.310 - Prohibited conduct by supplier.

Section 646A.312 - Termination, cancellation or nonrenewal of retailer agreement; notice; good cause.

Section 646A.314 - New or relocated dealership; notice; area of responsibility.

Section 646A.316 - Warranty claims; payment; time for completion.

Section 646A.318 - Warranty claims; processing.

Section 646A.320 - Retailer’s improvements to products.

Section 646A.322 - Remedies; arbitration; cause of action; attorney fees; injunctive relief.

Section 646A.325 - Repurchase of motor vehicle by manufacturer; notice to dealer; contents of notice; notice to prospective buyer.

Section 646A.340 - Definitions for ORS 646A.340 to 646A.348.

Section 646A.342 - Prohibited conduct; required verifications and notice.

Section 646A.344 - Bond or letter of credit; action; exceptions.

Section 646A.348 - Action by Attorney General; civil penalty; injunction; damages; attorney fees and costs.

Section 646A.360 - Unsolicited facsimile machine transmissions.

Section 646A.362 - Exclusion of name from sweepstakes promotion mailing list; written request; rules.

Section 646A.370 - Definitions for ORS 646A.370 to 646A.374.

Section 646A.372 - Limits on usage of automatic dialing and announcing device.

Section 646A.374 - Prohibited actions.

Section 646A.400 - Definitions for ORS 646A.400 to 646A.418.

Section 646A.402 - Availability of remedy.

Section 646A.404 - Consumer’s remedies; manufacturer’s affirmative defenses.

Section 646A.405 - Manufacturer action under ORS 646A.404; request to Department of Transportation; notice to buyer; unlawful practice; rules.

Section 646A.406 - Presumption of reasonable attempt to conform; extension of time for repairs; notice to manufacturer.

Section 646A.412 - Action in court; damages if manufacturer does not act in good faith; attorney fees; expert witness fees; costs.

Section 646A.414 - Limitations on actions against dealers.

Section 646A.416 - Limitation on commencement of action.

Section 646A.430 - Definitions for ORS 646A.430 to 646A.450.

Section 646A.432 - Applicability of ORS 646A.430 to 646A.450; applicability of other law.

Section 646A.434 - Sale of vehicle protection product; conditions and requirements.

Section 646A.436 - Warrantor registration; requirements; expiration; fees; rules.

Section 646A.438 - Reimbursement insurance; requirements; insurer qualifications.

Section 646A.440 - Required provisions of reimbursement insurance policy; cancellation; notice.

Section 646A.444 - Recordkeeping requirements for warrantor; record retention.

Section 646A.446 - Prohibited conduct for warrantor.

Section 646A.448 - Prohibited activities.

Section 646A.450 - Rules; investigative powers of department.

Section 646A.460 - Definitions for ORS 646A.460 to 646A.476.

Section 646A.462 - Express warranty; duration.

Section 646A.464 - Repair of assistive device.

Section 646A.466 - Replacement or refund after attempt to repair.

Section 646A.468 - Procedures for replacement or refund.

Section 646A.470 - Sale or lease of returned assistive device.

Section 646A.472 - Dispute resolution.

Section 646A.476 - Civil action for damages; attorney fees; limitation on actions.

Section 646A.480 - Definitions for ORS 646A.480 to 646A.495.

Section 646A.482 - Estimate required before beginning work; contents; evaluation.

Section 646A.486 - Prohibited actions if estimate exceeds $200; revision of estimate; methods to obtain owner authorization.

Section 646A.490 - Additional prohibited actions; reassembly required; copies.

Section 646A.495 - Owner designee; waiver of authorization requirement.

Section 646A.500 - Legislative findings; declaration of purpose.

Section 646A.504 - Definitions for ORS 646A.500 to 646A.514.

Section 646A.506 - Prohibited conduct.

Section 646A.508 - Penalties.

Section 646A.510 - Exemptions.

Section 646A.525 - Definitions for ORS 646A.525 to 646A.535.

Section 646A.530 - Prohibited sales of certain children’s products; recall notices and warnings; disposal of recalled children’s products; compliance with warning instructions.

Section 646A.540 - Definitions; labeling and packaging requirements; preemption.

Section 646A.542 - Requirement to document compliance.

Section 646A.544 - Local government enforcement; notice required; penalties.

Section 646A.555 - License to engage in business activity not required for individual under 17 years of age.

Section 646A.560 - Legislative findings.

Section 646A.562 - Definitions for ORS 646A.560 to 646A.566.

Section 646A.564 - Standards for mercury content in electric lamps; exceptions.

Section 646A.575 - Definitions for ORS 646A.575 to 646A.590.

Section 646A.577 - Limited license required; application; fee; renewal; prohibited representations.

Section 646A.580 - Cost of coverage; billing requirements; remission to insurer or supervising entity; funds held in trust; compensation.

Section 646A.582 - Written disclosure requirements.

Section 646A.585 - Exceptions to license requirement; prohibited representations; acts of employees.

Section 646A.588 - Restrictions on modification or termination of coverage; notice; consent to notice.

Section 646A.592 - Enforcement.

Section 646A.602 - Definitions for ORS 646A.600 to 646A.628.

Section 646A.604 - Notice of breach of security; delay; methods of notification; contents of notice; application of notice requirement.

Section 646A.606 - Security freeze; requirements; proof of authority; effect.

Section 646A.608 - Deadline for placing security freeze; protective record creation; use and release of information; confirmation; personal identification number; exception; lifting and removal.

Section 646A.610 - Fees not permitted.

Section 646A.612 - Conditions for lifting or removing security freeze.

Section 646A.614 - Effect of security freeze on use of consumer reports or protective records.

Section 646A.618 - Prohibition on changes to consumer report subject to security freeze; entities subject to requirement to place security freeze.

Section 646A.620 - Prohibition on printing, displaying or posting Social Security numbers; exemptions.

Section 646A.622 - Requirement to develop safeguards for personal information; conduct deemed to comply with requirement; defenses.

Section 646A.624 - Powers of director; penalties.

Section 646A.628 - Allocation of moneys.

Section 646A.640 - Definitions.

Section 646A.643 - License requirement to engage in debt buying; exemptions.

Section 646A.646 - License application; requirements; application through Nationwide Multistate Licensing System; fee; insurance; license renewal; director’s investigation; license term; suspension or revocation; rules.

Section 646A.649 - Licensee’s principal place of business and registered agent; assumed business name; display of license; rules.

Section 646A.652 - Required notices.

Section 646A.655 - Compliance with director’s standards; rules.

Section 646A.658 - Prohibited practices.

Section 646A.661 - Director’s supervisory authority; examinations and investigations; referral to Attorney General; costs of examination or investigation; consultation and cooperation with trade association and members of public.

Section 646A.664 - Enforcement actions; penalties.

Section 646A.667 - Preemption.

Section 646A.670 - Legal action to collect debt; requirements for pleadings; judgments; attorney fees.

Section 646A.677 - Requirement to screen for financial assistance before transferring medical debt for collection; permitted interest rate; unlawful collection practices.

Section 646A.683 - Requirement to report increase in drug price; exemptions.

Section 646A.689 - Requirement to report certain information concerning drug manufacturing and pricing; contents of report; penalty; rules.

Section 646A.692 - Civil penalty.

Section 646A.693 - Prescription Drug Affordability Board; membership and qualifications of members; terms of office; duties; conflicts of interest; rules.

Section 646A.694 - Annual affordability determination for identified drugs and insulin products; criteria for and limitations on determination; confidentiality; rules.

Section 646A.695 - Annual fees assessed against drug manufacturers; rules.

Section 646A.696 - Report to Health Care Cost Growth Target program and Legislative Assembly; contents of report.

Section 646A.697 - Study of market for generic drugs; effect of pricing on insurance premiums; report to Legislative Assembly.

Section 646A.702 - Definitions for ORS 646A.702 to 646A.720.

Section 646A.705 - Persons that are not foreclosure consultants.

Section 646A.710 - Foreclosure consulting contract; requirements; void provisions.

Section 646A.715 - Cancellation; effective date; payment for services provided before cancellation or breach; form; sufficiency of notice.

Section 646A.720 - Prohibited acts of foreclosure consultant.

Section 646A.725 - Definitions for ORS 646A.725 to 646A.750.

Section 646A.730 - Persons that are not equity purchasers.

Section 646A.735 - Written contract; requirements; void provisions; power of attorney prohibited.

Section 646A.740 - Cancellation; effective date; rebuttable presumption of delivery; payment for services; form; sufficiency of notice; return of documents.

Section 646A.745 - Required and prohibited acts.

Section 646A.750 - Rebuttable presumptions; accounting; bona fide purchaser; memorandum of agreement; form.

Section 646A.755 - Acts not precluded.

Section 646A.760 - Civil action for damages; attorney fees and costs; limitation on commencement of action.

Section 646A.770 - Definitions.

Section 646A.773 - Applicability of Insurance Code; statement of costs; exemptions.

Section 646A.776 - Required disclosures; cancellation provisions; effect on motor vehicle purchaser’s credit.

Section 646A.779 - Determination of amount of waiver; waivers that are required and waivers that are not required.

Section 646A.781 - Cancellation and expiration; refunds; effect of sale, assignment or transfer.

Section 646A.784 - Reimbursement insurance policies for guaranteed asset protection waivers.

Section 646A.787 - Fiduciary responsibilities.

Section 646A.800 - Late fees on delinquent cable service accounts; amount; disclosure; notice.

Section 646A.801 - Termination of residential cable service or residential telecommunications service for certain persons.

Section 646A.803 - Contest and sweepstakes solicitations; required disclosures; prohibited representations.

Section 646A.806 - Website with photographs and information about arrested persons; requirement to remove photographs and information upon request; penalty.

Section 646A.808 - Obtaining personal information by false representation via electronic media.

Section 646A.810 - Patent infringement claim made in bad faith; enforcement as unlawful practice; limitations; rules.

Section 646A.813 - Security requirements for Internet-connected devices; exemptions; penalty.