NY State Assembly Bill 2019-A10462

Archive: Last Bill Status - In Assembly Committee

Introduced
- In Committee Assembly
- In Committee Senate
- On Floor Calendar Assembly
- On Floor Calendar Senate
- Passed Assembly
- Passed Senate
Delivered to Governor
Signed By Governor

Please enter your contact information

First Name

Last Name

Email Address

A valid email address is required.

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Actions

View Actions

	Assembly Actions - Lowercase Senate Actions - UPPERCASE
May 18, 2020	referred to health

co-Sponsors

View additional co-sponsors

2019-A10462 (ACTIVE) - Details

Current Committee:: Assembly Health
Law Section:: Civil Rights Law
Laws Affected:: Amd §50, Civ Rts L; add Art 21 Title 8 §§2180 - 2183, Pub Health L

2019-A10462 (ACTIVE) - Summary

Establishes the test, trust, and certify act to establish a protocol for COVID-19 testing, contact tracing, and immunity certification and to protect individuals' right to privacy; grants individuals the right to control their self-sovereign identification data; provides for the anonymization of biometric data for protection from law enforcement.

2019-A10462 (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   10462
 
                           I N  A S S E M B L Y
 
                               May 18, 2020
                                ___________
 
 Introduced by COMMITTEE ON RULES -- (at request of M. of A. Kim) -- read
   once and referred to the Committee on Health
 
 AN  ACT  to  amend  the  civil  rights law and the public health law, in
   relation to establishing a  protocol  for  COVID-19  testing,  contact
   tracing,  and immunity certification; and in relation to providing for
   the anonymization of biometric data for protection from  law  enforce-
   ment
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may  be  cited  as  the  "test,
 trust, and certify act".
   § 2. Section 50 of the civil rights law is amended to read as follows:
   §  50.  Right  of privacy. [A] 1. ANY person, firm or corporation that
 COLLECTS, STORES, AND/OR uses for THE PURPOSE OF advertising  [purposes,
 or for the purposes of], trade, DATA-MINING, OR GENERATING COMMERCIAL OR
 ECONOMIC  VALUE,  the  name, portrait [or], picture, VIDEO, VOICE, LIKE-
 NESS, OR ANY OTHER PERSONAL DATA, BIOMETRIC DATA, OR  LOCATION  DATA  of
 any  living  person without having first obtained the written consent of
 such person, or if a minor of his or her parent or guardian, OR, IF SUCH
 CONSENT IS OBTAINED, SUBSEQUENTLY  FAILS  TO  EXERCISE  REASONABLE  CARE
 CONSISTENT  WITH  ITS  OBLIGATIONS  AS BAILEE OF SUCH INDIVIDUAL'S NAME,
 PORTRAIT, PICTURE, VIDEO, VOICE, LIKENESS, OR ANY OTHER  PERSONAL  DATA,
 BIOMETRIC DATA, OR LOCATION DATA, is guilty of a misdemeanor.
   2.  AS  USED  IN  THIS SECTION, "BIOMETRIC DATA" MEANS AN INDIVIDUAL'S
 PHYSIOLOGICAL, BIOLOGICAL OR BEHAVIORAL CHARACTERISTICS OR AN ELECTRONIC
 REPRESENTATION OF SUCH, INCLUDING AN INDIVIDUAL'S DEOXYRIBONUCLEIC  ACID
 (DNA),  THAT  CAN  BE  USED, SINGLY OR IN COMBINATION WITH EACH OTHER OR
 WITH OTHER IDENTIFYING DATA, TO ESTABLISH INDIVIDUAL IDENTITY.
   3. BIOMETRIC DATA INCLUDES, BUT IS NOT  LIMITED  TO,  IMAGERY  OF  THE
 IRIS, RETINA, FINGERPRINT, FACE, HAND, PALM, VEIN PATTERNS, BODY TEMPER-
 ATURE, DATA COLLECTED FROM FLUID FROM NASAL CAVITIES OR SALIVA TO ASCER-
 TAIN  THE  PRESENCE  OF THE NOVEL SARS-COV-2 CORONAVIRUS, DATA COLLECTED
 FROM WITHDRAWN BLOOD SERUM, PLASMA, OR WHOLE BLOOD USED TO DETERMINE THE
 PRESENCE OF ANTIBODIES, OR OTHER FORMS OF BODILY IMMUNITY, IN  CONVALES-
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets

                       [ ] is old law to be omitted.
                                                            LBD16206-01-0

 A. 10462                            2

 CENT  OR  OTHERWISE  ASYMPTOMATIC  PATIENTS OF PATHOGENIC AND INFECTIOUS
 DISEASE, AND VOICE RECORDINGS, FROM WHICH AN IDENTIFIER  TEMPLATE,  SUCH
 AS  A FACEPRINT, A MINUTIAE TEMPLATE, OR A VOICEPRINT, CAN BE EXTRACTED,
 AND  KEYSTROKE PATTERNS OR RHYTHMS, GAIT PATTERNS OR RHYTHMS, AND SLEEP,
 HEALTH, OR EXERCISE DATA THAT CONTAIN IDENTIFYING INFORMATION.
   § 3. Anonymization of biometric data; protection from law enforcement.
 The commissioner of the department of health and  the  attorney  general
 shall ensure that:
   (a)  any  sharing  of  information with governmental entities shall be
 solely for purposes of optimizing the contact tracing and  certification
 protocol as outlined in title 8 of the public health law;
   (b)  any  personal  data  that  is not being used solely to assist the
 person whose data is being accessed and that is being used for  optimiz-
 ing  and  administrating the protocol shall be cryptographically anonym-
 ized and all reasonable care shall be taken to  ensure  that  subsequent
 deanonymization is not enabled or facilitated through databases used for
 anonymized data;
   (c) any personal data shared with law enforcement authorities shall be
 shared  solely  in  strict  compliance  with the fourth amendment to the
 United States constitution and any and  all  other  state,  federal  and
 local  laws, rules, regulations, or other legal constraints that protect
 the rights of suspected or accused persons and the contact  tracing  and
 certification  protocol  shall  not lessen the degree of legally assured
 biometric data privacy of New Yorkers;
   (d) any and all  practicable  measures,  including  cryptographic  and
 self-sovereign  data storage methods, when reasonable, shall be taken to
 prevent unnecessary exposure,  unnecessary  custody  over  any  form  of
 private  data, or accidental data privacy breaches stemming from outside
 or inadvertent disclosure.
   § 4. Article 21 of the public health law is amended by  adding  a  new
 title 8 to read as follows:
                                TITLE VIII
              SEVERE ACUTE RESPIRATORY SYNDROME CORONAVIRUS 2
             (SARS-COV-2); CORONAVIRUS DISEASE 2019 (COVID-19)
 SECTION 2180. DEFINITIONS.
         2181. GUIDELINES FOR CONTACT TRACING; CERTIFICATION FOR IMMUNITY
                 STATUS.
         2182. SELF-SOVEREIGN IDENTIFICATION OF DATA.
         2183. LIAISING  WITH THE FEDERAL CENTERS FOR DISEASE CONTROL AND
                 PREVENTION.
   § 2180. DEFINITIONS. AS USED IN THIS TITLE, THE FOLLOWING TERMS  SHALL
 HAVE THE FOLLOWING MEANINGS:
   1.  "TRACKING"  OR  "CONTACT  TRACING" SHALL MEAN THE PROTOCOL THROUGH
 WHICH THE INFECTIOUS SPREAD OF  THE  NOVEL  SARS-COV-2  CORONAVIRUS  AND
 CORRESPONDING  PROPAGATION OF COVID-19 IS MONITORED IN INDIVIDUALS. SUCH
 PROTOCOL MAY BE IMPLEMENTED THROUGH, BUT NOT  LIMITED  TO,  THE  USE  OF
 SMART  PHONE APPLICATIONS, AN ANONYMIZED OR PSEUDONYMOUS DIGITAL TRACING
 IDENTIFIER, AND BLOCKCHAIN, GPS, OR BLUETOOTH TECHNOLOGY.
   2. "IMMUNITY" SHALL MEAN:
   (A) THE DEGREE TO WHICH AN INDIVIDUAL IS DIAGNOSTICALLY DETERMINED  TO
 NOT  BE SUSCEPTIBLE TO INFECTION BY OR NOT CAPABLE OF SHEDDING THE NOVEL
 SARS-COV-2 CORONAVIRUS, AS DETERMINED BY VARIOUS MARKERS SUCH AS SEROLO-
 GY-BASED TESTING FOR THE PRESENCE OF ANTIBODIES. SUCH SEROLOGICAL  TEST-
 ING MAY INCLUDE, BUT NOT BE LIMITED TO, THE RAPID DIAGNOSTIC TEST (RDT),
 ENZYME-LINKED  IMMUNOSORBENT ASSAY (ELISA), NEUTRALIZATION ASSAY, OR ANY
 TEST THAT HAS BEEN APPROVED BY THE UNITED STATES FOOD AND DRUG  ADMINIS-

 A. 10462                            3
 
 TRATION  FOR DIAGNOSTIC USE IN THE UNITED STATES AND IN THE STATE OF NEW
 YORK.
   (B) THE DEFINITION THAT THE COMMISSIONER IS AUTHORIZED, IN CONJUNCTION
 AND  IN  CONSULTATION  WITH  MEDICAL RESEARCHERS AND HEALTH OFFICERS, TO
 UNILATERALLY DETERMINE, AS RESEARCH CONTINUES TO BE CONDUCTED ON  IMMUNE
 RESPONSE  TO  THE NOVEL CORONAVIRUS, SEROLOGICAL TESTING, ANTIVIRAL DRUG
 THERAPIES, AND CANDIDATES FOR A VACCINE.
   3. "CERTIFYING" SHALL MEAN THE PROTOCOL THROUGH WHICH AN INDIVIDUAL IS
 DETERMINED TO HAVE IMMUNITY TO COVID-19 OR IS OTHERWISE DEEMED  NON-CON-
 TAGIOUS AND ABLE TO PARTICIPATE IN GREATER SOCIETY.
   4.  "SELF-SOVEREIGN  IDENTIFICATION"  SHALL  MEAN, WITH RESPECT TO THE
 COLLECTION AND MONITORING OF DATA USED FOR THE TRACKING OF THE SPREAD OF
 THE NOVEL CORONAVIRUS, COVID-19, THE RIGHT OF AN INDIVIDUAL TO  MAINTAIN
 SOVEREIGN  ACCESS AND CONTROL OF THEIR DATA AND THEIR ANONYMITY, PROVID-
 ING PROOF OF  VALIDITY  WITHOUT  BEING  REQUIRED  TO  DISCLOSE  UNNEEDED
 PRIVATE  DATA,  AND  PROTECT  SUCH  DATA  FROM  EXTRACTION FOR PROFIT OR
 EXPLOITATION BY AN AUTHORITY OR EXTERNAL ENTITY, SUCH AS, BUT NOT LIMIT-
 ED TO, A PERSON, FIRM, CORPORATION, OR GOVERNMENT  ENTITY  THAT  IS  NOT
 DONE  WITH  THE  EXPLICIT INTENT FOR AIDING THE INDIVIDUAL IN MITIGATING
 THE SPREAD OF THE NOVEL  CORONAVIRUS,  COVID-19,  OR  CONVALESCING  FROM
 COVID-19,  PURSUANT  TO SECTIONS TWENTY-ONE HUNDRED EIGHTY-ONE AND TWEN-
 TY-ONE HUNDRED EIGHTY-TWO OF THIS TITLE.
   5. "COVID-19" SHALL MEAN THE NOVEL SEVERE ACUTE  RESPIRATORY  SYNDROME
 CORONAVIRUS 2 (SARS-COV-2).
   §  2181.  GUIDELINES  FOR  CONTACT TRACING; CERTIFICATION FOR IMMUNITY
 STATUS. 1.  THE COMMISSIONER, IN CONJUNCTION WITH HIS  OR  HER  COUNTER-
 PARTS  IN  MUNICIPALITIES  OF THE STATE AND THE CHIEF MEDICAL AND HEALTH
 OFFICERS IN HOSPITALS AND MEDICAL FACILITIES IN THE STATE,  AND  AT  THE
 FEDERAL  CENTERS  FOR  DISEASE  CONTROL  AND PREVENTION, SHALL DEVELOP A
 PROTOCOL FOR CONTACT TRACING AND CERTIFYING FOR IMMUNITY TO MITIGATE THE
 SPREAD OF COVID-19.
   2. THE DEPARTMENT SHALL ENSURE THAT AUTHORIZED  DIAGNOSTIC  TESTS  FOR
 IMMUNITY  BE  CONDUCTED UNCONDITIONALLY AND FREE OF CHARGE FOR ANY INDI-
 VIDUAL.
   (A) NO PROVIDER OF COVID-19 AND ANTIBODY  TESTING  SHALL  DISCRIMINATE
 AGAINST  A CONSUMER FOR EXERCISING HIS OR HER RIGHT TO UNCONDITIONAL AND
 FREE TESTING FOR IMMUNITY.
   (B) A TESTING PROVIDER SHALL NOT DISCRIMINATE AGAINST  A  PATIENT  WHO
 EXERCISES ANY OF THEIR SELF-SOVEREIGN IDENTIFICATION AND DATA PROTECTION
 RIGHTS  UNDER  THIS TITLE OR DOES NOT PROVIDE CONSENT TO ADDITIONAL DATA
 COLLECTION OR SHARING UNDER THIS TITLE, INCLUDING, BUT NOT  LIMITED  TO,
 BY:
   (I) DENYING TESTING SERVICES TO THE CONSUMER;
   (II) CHARGING A FEE FOR TESTING;
   (III)  PROVIDING  A  DIFFERENT  LEVEL OR QUALITY OF TESTING OR MEDICAL
 SERVICE TO THE CONSUMER; OR
   (IV) SUGGESTING THAT THE CONSUMER WILL RECEIVE A FEE  FOR  TESTING  OR
 MEDICAL  SERVICE  OR  A DIFFERENT LEVEL OR QUALITY OF TESTING OR MEDICAL
 SERVICE.
   § 2182. SELF-SOVEREIGN IDENTIFICATION OF DATA. 1. THE DEPARTMENT SHALL
 STRUCTURE THE PROTOCOL DEVELOPED PURSUANT TO SECTION TWENTY-ONE  HUNDRED
 EIGHTY-ONE  OF THIS TITLE TO MAKE PROVISIONS FOR ACCEPTING AND FUNCTION-
 ING WITH THE SELF-SOVEREIGN IDENTIFICATION OF INDIVIDUALS' DATA.
   2. INFORMATION RELATED OR PERTAINING TO  AN  INDIVIDUAL'S  IMMIGRATION
 STATUS,  BANKING  STATUS,  FINANCIAL  AFFAIRS,  OR  CRIMINAL OR POLICING
 RECORD, SHALL BE DEEMED TO BE SENSITIVE PERSONALLY IDENTIFIABLE INFORMA-

 A. 10462                            4
 
 TION, AND SHALL NOT  BE  PROCURED  FROM  THE  INDIVIDUAL  AT  ANY  POINT
 THROUGHOUT THE TRACING AND CERTIFICATION PROCESS.
   3.  FOR  APPLICATIONS  OR  AGENCIES  TO  SUPPORT TRACING, TESTING, AND
 CERTIFICATION PROTOCOLS REQUIRED USE  OF  ANY  CENTRALIZED,  THIRD-PARTY
 PRIVATE PLATFORM OR DIGITAL CLOUD INFRASTRUCTURE AS CENTRAL DATA STORAGE
 FOR THE PURPOSES OF IMPLEMENTING THE PROTOCOL IS PROHIBITED.
   4.  THE  COLLECTION  AND STORAGE OF TRACING AND CERTIFICATION DATA FOR
 THE IMPLEMENTATION OF THE PROTOCOL SHALL BE SUPPORTED USING A DECENTRAL-
 IZED DATABASE, IN ORDER TO FACILITATE:
   (A) THE PROTECTION OF PERSONAL HEALTH RECORDS AND INDIVIDUAL IDENTITY,
 AND THE PRESERVATION OF SELF-SOVEREIGNTY OVER ONE'S OWN PERSONAL  BIOME-
 TRIC DATA;
   (B) THE MAXIMIZATION OF DATA INTEGRITY AND SECURITY THROUGH ENCRYPTION
 AND  VERIFICATION  OF  PERSONAL HEALTH RECORDS TO MITIGATE THE NECESSARY
 INVOLVEMENT OR INFILTRATION OF CENTRAL PARTIES NOT PRIVY TO ACCESS  SUCH
 INFORMATION; AND
   (C) ACCESSIBILITY TO PUBLISHED DATA AND DATA PROVENANCE, TO ENSURE THE
 TRANSPARENCY OF TRACING DATA INPUTS.
   5. (A) EVERY INDIVIDUAL HAS A RIGHT OF SELF-SOVEREIGN IDENTITY WHEREBY
 THEY CAN ISSUE, REVOKE, AND RECOVER THEIR IDENTITY AUTONOMOUSLY.
   (B) EVERY INDIVIDUAL HAS THE RIGHT TO USE THEIR SELF-SOVEREIGN IDENTI-
 TY  TO SUBMIT PROVABLE INFORMATION ABOUT THEMSELVES AND HAVE SUCH INFOR-
 MATION ACCEPTED AS VALID IF IT HAS BEEN ATTESTED TO CRYPTOGRAPHICALLY BY
 AN ACCEPTABLE AUTHORITY.
   (C) EVERY SELF-SOVEREIGN IDENTITY SYSTEM HAS THE  RIGHT  TO  CREATE  A
 CRYPTOGRAPHICALLY  SECURE  DIGITAL SIGNATURE, WHICH SHALL BE ACCEPTED AS
 LEGALLY BINDING IF PROPERLY ATTESTED TO AS REPRESENTING  THE  INDIVIDUAL
 BY AN ACCEPTABLE AUTHORITY OR AUTHORITIES.
   §  2183.  LIAISING  WITH  THE  FEDERAL CENTERS FOR DISEASE CONTROL AND
 PREVENTION.  THE GOVERNOR AND THE COMMISSIONER SHALL BE RESPONSIBLE  FOR
 LIAISING  WITH THE FEDERAL CENTERS FOR DISEASE CONTROL AND PREVENTION TO
 COORDINATE STATE AND FEDERAL EFFORTS TO MITIGATE THE SPREAD OF COVID-19,
 ENSURE THAT ADEQUATE DATA PROTECTIONS AS PRESCRIBED IN  THIS  TITLE  ARE
 BEING TAKEN AT THE FEDERAL LEVEL, AND PROVIDE CONSULTATION TO THE FEDER-
 AL  GOVERNMENT  FOR  IMPLEMENTING  A  SIMILARLY  DECENTRALIZED AND SELF-
 SOVEREIGN SYSTEM FOR CONTACT TRACING AND IMMUNITY CERTIFICATION  NATION-
 WIDE.
   § 5. This act shall take effect immediately.

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Assembly Bill A10462

Sponsored By

Archive: Last Bill Status - In Assembly Committee

co-Sponsors

2019-A10462 (ACTIVE) - Details

2019-A10462 (ACTIVE) - Summary

2019-A10462 (ACTIVE) - Bill Text download pdf

Comments

Assembly Bill A10462

Share this bill

Sponsored By

KIM

Archive: Last Bill Status - In Assembly Committee

co-Sponsors

Jo Anne Simon

Mathylde Frontus

Anthony D'Urso

Walter T. Mosley

2019-A10462 (ACTIVE) - Details

2019-A10462 (ACTIVE) - Summary

2019-A10462 (ACTIVE) - Bill Text download pdf

Comments