Assembly Actions -
Lowercase Senate Actions - UPPERCASE |
|
---|---|
May 25, 2016 |
print number 7347a |
May 25, 2016 |
amend and recommit to consumer protection |
Apr 20, 2016 |
referred to consumer protection |
Senate Bill S7347A
2015-2016 Legislative Session
Sponsored By
(D, IP) Senate District
Archive: Last Bill Status - In Senate Committee Consumer Protection Committee
- Introduced
-
- In Committee Assembly
- In Committee Senate
-
- On Floor Calendar Assembly
- On Floor Calendar Senate
-
- Passed Assembly
- Passed Senate
- Delivered to Governor
- Signed By Governor
Actions
Bill Amendments
2015-S7347 - Details
- Current Committee:
- Senate Consumer Protection
- Law Section:
- General Business Law
- Laws Affected:
- Amd §899-aa, Gen Bus L
- Versions Introduced in 2017-2018 Legislative Session:
-
S1104
2015-S7347 - Sponsor Memo
BILL NUMBER: S7347 TITLE OF BILL : An act to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information PURPOSE : To update New York's data breach law to include a definitive timetable for notification to consumers of a security breach. SUMMARY OF PROVISIONS : Section 1: Amends subdivision 2 of section 899-aa of the general business law by adding a definitive timetable for notification to consumers' that a breach of their personal information has occurred. Under the current law, consumers must be notified in the most expedient time possible and without unreasonable day. This bill maintains that consumers must be notified in the most expedient time possible but adds a requirement that notification must occur within 45 days. Section 2: Establishes the effective date. JUSTIFICATION :
2015-S7347 - Bill Text download pdf
S T A T E O F N E W Y O R K ________________________________________________________________________ 7347 I N S E N A T E April 20, 2016 ___________ Introduced by Sen. VALESKY -- read twice and ordered printed, and when printed to be committed to the Committee on Consumer Protection AN ACT to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM- BLY, DO ENACT AS FOLLOWS: Section 1. Subdivision 2 of section 899-aa of the general business law, as added by chapter 442 of the laws of 2005, is amended to read as follows: 2. Any person or business which conducts business in New York state, and which owns or licenses computerized data which includes private information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the system to any resident of New York state whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization. The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legit- imate needs of law enforcement, as provided in subdivision four of this section, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the system, HOWEVER, SUCH DISCLOSURE SHALL BE MADE NO LATER THAN FORTY-FIVE DAYS AFTER DISCOVERY OR NOTIFICATION OF THE BREACH IN THE SECURITY SYSTEM. S 2. This act shall take effect immediately. EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets [ ] is old law to be omitted. LBD15026-01-6
2015-S7347A (ACTIVE) - Details
- Current Committee:
- Senate Consumer Protection
- Law Section:
- General Business Law
- Laws Affected:
- Amd §899-aa, Gen Bus L
- Versions Introduced in 2017-2018 Legislative Session:
-
S1104
2015-S7347A (ACTIVE) - Sponsor Memo
BILL NUMBER: S7347A TITLE OF BILL : An act to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information PURPOSE : To update New York's data breach law to include a definitive timetable for notification to consumers of a security breach. SUMMARY OF PROVISIONS : Section 1: Amends subdivision 2 of section 899-aa of the general business law by adding a definitive timetable for notification to consumers' that a breach of their personal information has occurred. Under the current law, consumers must be notified in the most expedient time possible and without unreasonable day. This bill maintains that consumers must be notified in the most expedient time possible but adds a requirement that notification must occur within 45 days. Additionally, this bill defines reasonable delay includes determining the scope of the breach, preventing further disclosures, conducting a risk assessment, and restoring the integrity of the security system. If the Attorney General determines that additional time is necessary, notification may be delayed for another period of 45 days.
2015-S7347A (ACTIVE) - Bill Text download pdf
S T A T E O F N E W Y O R K ________________________________________________________________________ 7347--A I N S E N A T E April 20, 2016 ___________ Introduced by Sen. VALESKY -- read twice and ordered printed, and when printed to be committed to the Committee on Consumer Protection -- committee discharged, bill amended, ordered reprinted as amended and recommitted to said committee AN ACT to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM- BLY, DO ENACT AS FOLLOWS: Section 1. Subdivision 2 of section 899-aa of the general business law, as added by chapter 442 of the laws of 2005, is amended to read as follows: 2. Any person or business which conducts business in New York state, and which owns or licenses computerized data which includes private information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the system to any resident of New York state whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization. The disclosure shall be made [in the most expedient time possible and] without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision four of this section, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the system. REASONABLE DELAY UNDER THIS SUBDIVISION SHALL NOT EXCEED FORTY-FIVE DAYS, EXCEPT AS PROVIDED IN SUBDIVISION FOUR OF THIS SECTION OR UNLESS THE PERSON OR BUSINESS SEEKING ADDITIONAL TIME DEMONSTRATES TO THE ATTORNEY GENERAL THAT ADDITIONAL TIME IS REASONABLY NECESSARY TO DETERMINE THE SCOPE OF THE BREACH OF THE SECURITY SYSTEM, PREVENT FURTHER DISCLOSURES, CONDUCT THE RISK ASSESSMENT, AND RESTORE THE REASONABLE INTEGRITY OF THE SECURI- TY SYSTEM. IF THE ATTORNEY GENERAL DETERMINES THAT ADDITIONAL DELAY IS NECESSARY THE AGENCY MAY EXTEND THE TIME PERIOD FOR NOTIFICATION FOR ADDITIONAL PERIODS OF UP TO FORTY-FIVE DAYS EACH. ANY SUCH EXTENSION SHALL BE PROVIDED IN WRITING. S 2. This act shall take effect immediately. EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets [ ] is old law to be omitted.
Comments
Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.
Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.
Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.