http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.4127:
SEC. 5. DEFINITIONS.
In this Act the following definitions apply:
(1) BREACH OF SECURITY- The term `breach of security' means the
unauthorized acquisition of data in electronic form containing personal
information that establishes a reasonable basis to conclude that there is a
significant risk of identity theft to the individual to whom the personal
information relates. The encryption of such data, combined with appropriate
safeguards of the keys necessary to enable decryption of such data, shall
establish a presumption that no such reasonable basis exists. Any such
presumption may be rebutted by facts demonstrating that the method of
encryption has been or is likely to be compromised.
(2) COMMISSION- The term `Commission' means the Federal Trade
Commission.
(3) DATA IN ELECTRONIC FORM- The term `data in electronic form'
means any data stored electronically or digitally on any computer system or
other database and includes recordable tapes and other mass storage devices.
(4) ENCRYPTION- The term `encryption' means the protection of
data in electronic form in storage or in transit using an encryption algorithm
implemented within a validated cryptographic module that has been approved by
the National Institute of Standards and Technology or another comparable
standards body recognized by the Commission, rendering such data indecipherable
in the absence of associated cryptographic keys necessary to enable decryption
of such data. Such encryption must include appropriate management and
safeguards of such keys to protect the integrity of the encryption.
