Assembly Actions -
Lowercase Senate Actions - UPPERCASE |
|
---|---|
Jun 20, 2018 |
committed to rules |
Feb 13, 2018 |
advanced to third reading |
Feb 12, 2018 |
2nd report cal. |
Feb 06, 2018 |
1st report cal.413 |
Jan 03, 2018 |
referred to consumer protection |
Jun 21, 2017 |
committed to rules |
Jun 05, 2017 |
amended on third reading 1104a |
Mar 01, 2017 |
advanced to third reading |
Feb 28, 2017 |
2nd report cal. |
Feb 14, 2017 |
1st report cal.250 |
Jan 06, 2017 |
referred to consumer protection |
Senate Bill S1104A
2017-2018 Legislative Session
Sponsored By
(D, IP) Senate District
Archive: Last Bill Status - In Senate Committee Rules Committee
- Introduced
-
- In Committee Assembly
- In Committee Senate
-
- On Floor Calendar Assembly
- On Floor Calendar Senate
-
- Passed Assembly
- Passed Senate
- Delivered to Governor
- Signed By Governor
Actions
Votes
Bill Amendments
2017-S1104 - Details
- See Assembly Version of this Bill:
- A7232
- Current Committee:
- Senate Rules
- Law Section:
- General Business Law
- Laws Affected:
- Amd §899-aa, Gen Bus L
- Versions Introduced in 2015-2016 Legislative Session:
-
S7347
2017-S1104 - Sponsor Memo
BILL NUMBER: S1104 TITLE OF BILL : An act to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information PURPOSE : To update New York's data breach law to include a definitive timetable for notification to consumers of a security breach. SUMMARY OF PROVISIONS : Section 1: Amends subdivision 2 of section 899-aa of the general business law by adding a definitive timetable for notification to consumers' that a breach of their personal information has occurred. Under the current law, consumers must be notified in the most expedient time possible and without unreasonable day. This bill maintains that consumers must be notified in the most expedient time possible but adds a requirement that notification must occur within 45 days. Additionally, this bill defines reasonable delay includes determining the scope of the breach, preventing further disclosures, conducting a risk assessment, and restoring the integrity of the security system. If the Attorney General determines that additional time is necessary, notification may be delayed for another period of 45 days.
2017-S1104 - Bill Text download pdf
S T A T E O F N E W Y O R K ________________________________________________________________________ 1104 2017-2018 Regular Sessions I N S E N A T E January 6, 2017 ___________ Introduced by Sen. VALESKY -- read twice and ordered printed, and when printed to be committed to the Committee on Consumer Protection AN ACT to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM- BLY, DO ENACT AS FOLLOWS: Section 1. Subdivision 2 of section 899-aa of the general business law, as added by chapter 442 of the laws of 2005, is amended to read as follows: 2. Any person or business which conducts business in New York state, and which owns or licenses computerized data which includes private information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the system to any resident of New York state whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization. The disclosure shall be made [in the most expedient time possible and] without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision four of this section, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the system. REASONABLE DELAY UNDER THIS SUBDIVISION SHALL NOT EXCEED FORTY-FIVE DAYS, EXCEPT AS PROVIDED IN SUBDIVISION FOUR OF THIS SECTION OR UNLESS THE PERSON OR BUSINESS SEEKING ADDITIONAL TIME DEMONSTRATES TO THE ATTORNEY GENERAL THAT ADDITIONAL TIME IS REASONABLY NECESSARY TO DETERMINE THE SCOPE OF THE BREACH OF THE SECURITY SYSTEM, PREVENT FURTHER DISCLOSURES, CONDUCT THE RISK ASSESSMENT, AND RESTORE THE REASONABLE INTEGRITY OF THE SECURI- TY SYSTEM. IF THE ATTORNEY GENERAL DETERMINES THAT ADDITIONAL DELAY IS NECESSARY THE AGENCY MAY EXTEND THE TIME PERIOD FOR NOTIFICATION FOR ADDITIONAL PERIODS OF UP TO FORTY-FIVE DAYS EACH. ANY SUCH EXTENSION SHALL BE PROVIDED IN WRITING. § 2. This act shall take effect immediately. EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
2017-S1104A (ACTIVE) - Details
- See Assembly Version of this Bill:
- A7232
- Current Committee:
- Senate Rules
- Law Section:
- General Business Law
- Laws Affected:
- Amd §899-aa, Gen Bus L
- Versions Introduced in 2015-2016 Legislative Session:
-
S7347
2017-S1104A (ACTIVE) - Sponsor Memo
BILL NUMBER: S1104A TITLE OF BILL : An act to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information PURPOSE : To update New York's data breach law to include a definitive timetable for notification to consumers of a security breach. SUMMARY OF PROVISIONS : Section 1: Amends subdivision 2 of section 899-aa of the general business law by adding a definitive timetable for notification to consumers' that a breach of their personal information has occurred. Under the current law, consumers must be notified in the most expedient time possible and without unreasonable day. This bill maintains that consumers must be notified in the most expedient time possible but adds a requirement that notification must occur within 45 days. Additionally, this bill defines reasonable delay includes determining the scope of the breach, preventing further disclosures, conducting a risk assessment, and restoring the integrity of the security system. If the Attorney General determines that additional time is necessary, notification may be delayed for another period of 45 days.
2017-S1104A (ACTIVE) - Bill Text download pdf
S T A T E O F N E W Y O R K ________________________________________________________________________ 1104--A Cal. No. 250 2017-2018 Regular Sessions I N S E N A T E January 6, 2017 ___________ Introduced by Sen. VALESKY -- read twice and ordered printed, and when printed to be committed to the Committee on Consumer Protection -- reported favorably from said committee, ordered to first and second report, ordered to a third reading, amended and ordered reprinted, retaining its place in the order of third reading AN ACT to amend the general business law, in relation to the timeliness of disclosure of a breach of the security of a system which contains private information THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM- BLY, DO ENACT AS FOLLOWS: Section 1. Subdivision 2 of section 899-aa of the general business law, as added by chapter 442 of the laws of 2005, is amended to read as follows: 2. Any person or business which conducts business in New York state, and which owns or licenses computerized data which includes private information shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the system to any resident of New York state whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization. The disclosure shall be made [in the most expedient time possible and] without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in subdivision four of this section, or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the system. REASONABLE DELAY UNDER THIS SUBDIVISION SHALL NOT EXCEED FORTY-FIVE DAYS, EXCEPT AS PROVIDED IN SUBDIVISION FOUR OF THIS SECTION OR UNLESS THE PERSON OR BUSINESS SEEKING ADDITIONAL TIME DEMONSTRATES TO THE ATTORNEY GENERAL THAT ADDITIONAL TIME IS REASONABLY NECESSARY TO DETERMINE THE SCOPE OF THE BREACH OF THE SECURITY SYSTEM, PREVENT FURTHER DISCLOSURES, CONDUCT THE RISK ASSESSMENT, AND RESTORE THE REASONABLE INTEGRITY OF THE SECURI- TY SYSTEM. IF THE ATTORNEY GENERAL DETERMINES THAT ADDITIONAL DELAY IS EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
Comments
Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.
Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.
Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.