http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.4127: SEC. 5. DEFINITIONS.
In this Act the following definitions apply: (1) BREACH OF SECURITY- The term `breach of security' means the unauthorized acquisition of data in electronic form containing personal information that establishes a reasonable basis to conclude that there is a significant risk of identity theft to the individual to whom the personal information relates. The encryption of such data, combined with appropriate safeguards of the keys necessary to enable decryption of such data, shall establish a presumption that no such reasonable basis exists. Any such presumption may be rebutted by facts demonstrating that the method of encryption has been or is likely to be compromised. (2) COMMISSION- The term `Commission' means the Federal Trade Commission. (3) DATA IN ELECTRONIC FORM- The term `data in electronic form' means any data stored electronically or digitally on any computer system or other database and includes recordable tapes and other mass storage devices. (4) ENCRYPTION- The term `encryption' means the protection of data in electronic form in storage or in transit using an encryption algorithm implemented within a validated cryptographic module that has been approved by the National Institute of Standards and Technology or another comparable standards body recognized by the Commission, rendering such data indecipherable in the absence of associated cryptographic keys necessary to enable decryption of such data. Such encryption must include appropriate management and safeguards of such keys to protect the integrity of the encryption.