Senate Bill S1104A

2017-2018 Legislative Session

Relates to the timeliness of disclosure of a breach of the security of a system which contains private information

download bill text pdf

Sponsored By

Archive: Last Bill Status - In Senate Committee Rules Committee


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Delivered to Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions
Votes

Bill Amendments

2017-S1104 - Details

See Assembly Version of this Bill:
A7232
Current Committee:
Senate Rules
Law Section:
General Business Law
Laws Affected:
Amd §899-aa, Gen Bus L
Versions Introduced in 2015-2016 Legislative Session:
S7347

2017-S1104 - Summary

Relates to the timeliness of disclosure of a breach of the security of a system which contains private information.

2017-S1104 - Sponsor Memo

2017-S1104 - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   1104
 
                        2017-2018 Regular Sessions
 
                             I N  S E N A T E
 
                              January 6, 2017
                                ___________
 
 Introduced  by  Sen. VALESKY -- read twice and ordered printed, and when
   printed to be committed to the Committee on Consumer Protection
 
 AN ACT to amend the general business law, in relation to the  timeliness
   of  disclosure  of a breach of the security of a system which contains
   private information

   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section  1.  Subdivision  2  of section 899-aa of the general business
 law, as added by chapter 442 of the laws of 2005, is amended to read  as
 follows:
   2.  Any  person or business which conducts business in New York state,
 and which owns or licenses  computerized  data  which  includes  private
 information  shall  disclose  any  breach  of the security of the system
 following discovery or notification of the breach in the security of the
 system to any resident of New York state whose private information  was,
 or  is  reasonably  believed  to have been, acquired by a person without
 valid authorization. The disclosure shall be made [in the most expedient
 time possible and]  without  unreasonable  delay,  consistent  with  the
 legitimate  needs of law enforcement, as provided in subdivision four of
 this section, or any measures necessary to determine the  scope  of  the
 breach  and  restore  the reasonable integrity of the system. REASONABLE
 DELAY UNDER THIS SUBDIVISION SHALL NOT EXCEED FORTY-FIVE DAYS, EXCEPT AS
 PROVIDED IN SUBDIVISION FOUR OF THIS SECTION OR  UNLESS  THE  PERSON  OR
 BUSINESS  SEEKING  ADDITIONAL  TIME DEMONSTRATES TO THE ATTORNEY GENERAL
 THAT ADDITIONAL TIME IS REASONABLY NECESSARY TO DETERMINE THE  SCOPE  OF
 THE  BREACH OF THE SECURITY SYSTEM, PREVENT FURTHER DISCLOSURES, CONDUCT
 THE RISK ASSESSMENT, AND RESTORE THE REASONABLE INTEGRITY OF THE SECURI-
 TY SYSTEM. IF THE ATTORNEY GENERAL DETERMINES THAT ADDITIONAL  DELAY  IS
 NECESSARY  THE  AGENCY  MAY  EXTEND THE TIME PERIOD FOR NOTIFICATION FOR
 ADDITIONAL PERIODS OF UP TO FORTY-FIVE DAYS  EACH.  ANY  SUCH  EXTENSION
 SHALL BE PROVIDED IN WRITING.
   § 2. This act shall take effect immediately.
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
              

2017-S1104A (ACTIVE) - Details

See Assembly Version of this Bill:
A7232
Current Committee:
Senate Rules
Law Section:
General Business Law
Laws Affected:
Amd §899-aa, Gen Bus L
Versions Introduced in 2015-2016 Legislative Session:
S7347

2017-S1104A (ACTIVE) - Summary

Relates to the timeliness of disclosure of a breach of the security of a system which contains private information.

2017-S1104A (ACTIVE) - Sponsor Memo

2017-S1104A (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  1104--A
     Cal. No. 250
 
                        2017-2018 Regular Sessions
 
                             I N  S E N A T E
 
                              January 6, 2017
                                ___________
 
 Introduced  by  Sen. VALESKY -- read twice and ordered printed, and when
   printed to be committed to the Committee  on  Consumer  Protection  --
   reported  favorably  from  said committee, ordered to first and second
   report, ordered to a third reading,  amended  and  ordered  reprinted,
   retaining its place in the order of third reading
 
 AN  ACT to amend the general business law, in relation to the timeliness
   of disclosure of a breach of the security of a system  which  contains
   private information
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. Subdivision 2 of section 899-aa  of  the  general  business
 law,  as added by chapter 442 of the laws of 2005, is amended to read as
 follows:
   2. Any person or business which conducts business in New  York  state,
 and  which  owns  or  licenses  computerized data which includes private
 information shall disclose any breach of  the  security  of  the  system
 following discovery or notification of the breach in the security of the
 system  to any resident of New York state whose private information was,
 or is reasonably believed to have been, acquired  by  a  person  without
 valid authorization. The disclosure shall be made [in the most expedient
 time  possible  and]  without  unreasonable  delay,  consistent with the
 legitimate needs of law enforcement, as provided in subdivision four  of
 this  section,  or  any measures necessary to determine the scope of the
 breach and restore the reasonable integrity of  the  system.  REASONABLE
 DELAY UNDER THIS SUBDIVISION SHALL NOT EXCEED FORTY-FIVE DAYS, EXCEPT AS
 PROVIDED  IN  SUBDIVISION  FOUR  OF THIS SECTION OR UNLESS THE PERSON OR
 BUSINESS SEEKING ADDITIONAL TIME DEMONSTRATES TO  THE  ATTORNEY  GENERAL
 THAT  ADDITIONAL  TIME IS REASONABLY NECESSARY TO DETERMINE THE SCOPE OF
 THE BREACH OF THE SECURITY SYSTEM, PREVENT FURTHER DISCLOSURES,  CONDUCT
 THE RISK ASSESSMENT, AND RESTORE THE REASONABLE INTEGRITY OF THE SECURI-
 TY  SYSTEM.  IF THE ATTORNEY GENERAL DETERMINES THAT ADDITIONAL DELAY IS
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.