30-14-1712. Fraudulent electronic misrepresentation -- penalties -- exemption. (1) An individual or business that, by means of a website, an electronic mail message, or otherwise through the internet, solicits, requests, or takes an action to induce another individual or business to provide personal information by purporting to be a third-party individual or a business without the authority or approval of the third-party individual or business is guilty of a theft of identity, as provided in 45-6-332(1). This crime of fraudulent electronic misrepresentation is commonly known as "phishing".
(2) An individual or a business that is adversely affected by a violation of subsection (1) has a private right of action, as provided in 30-14-1713.
(3) The attorney general or a county attorney in a county where the violation under subsection (1) is reported may bring a criminal action against an individual or a business accused of engaging in a pattern and practice of violating subsection (1) and, in addition to bringing a criminal action, may request a court of competent jurisdiction to issue a temporary injunction against the continued use of a website, an electronic mail message, or the internet by the individual or business served with the injunction.
(4) An internet services provider may not be held liable for identifying, removing, or disabling access to an internet website or other online location if the internet services provider believes that the internet website or other online location is being used to engage in a violation of this section.