Assembly Bill A5635

Signed By Governor
2019-2020 Legislative Session

Relates to a notification of a security breach

download bill text pdf

Sponsored By

Archive: Last Bill Status Via S5575 - Signed by Governor


  • Introduced
    • In Committee Assembly
    • In Committee Senate
    • On Floor Calendar Assembly
    • On Floor Calendar Senate
    • Passed Assembly
    • Passed Senate
  • Delivered to Governor
  • Signed By Governor

Do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.
Actions
Votes

Bill Amendments

2019-A5635 - Details

Law Section:
General Business Law
Laws Affected:
Amd Art 39-F Art Head, §899-aa, add §899-bb, Gen Bus L; amd §208, St Tech L

2019-A5635 - Summary

Relates to notification of a security breach; includes credit and debit cards; increases civil penalties.

2019-A5635 - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                   5635
 
                        2019-2020 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 14, 2019
                                ___________
 
 Introduced  by  M.  of  A. DenDEKKER -- (at request of the Department of
   Law) -- read once and referred to the Committee  on  Consumer  Affairs
   and Protection
 
 AN  ACT  to amend the general business law and the state technology law,
   in relation to notification of a security breach

   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may be cited as the "Stop Hacks
 and Improve Electronic Data Security Act (SHIELD Act)".
   §  2. The article heading of article 39-F of the general business law,
 as added by chapter 442 of the laws of  2005,  is  amended  to  read  as
 follows:
            NOTIFICATION OF UNAUTHORIZED ACQUISITION OF PRIVATE
                  INFORMATION; DATA SECURITY PROTECTIONS
   §  3.  Subdivisions  1,  2,  3, 5, 6, 7 and 8 of section 899-aa of the
 general business law, subdivisions 1, 2, 3, 5, 6 and 7 as added by chap-
 ter 442 of the laws of 2005, paragraph (c) of subdivision  1,  paragraph
 (a)  of subdivision 6 and subdivision 8 as amended by chapter 491 of the
 laws of 2005 and paragraph (a) of subdivision 8 as amended by section  6
 of  part  N  of  chapter  55 of the laws of 2013, are amended to read as
 follows:
   1. As used in this section, the following terms shall have the follow-
 ing meanings:
   (a) "Personal information" shall mean  any  information  concerning  a
 natural  person  which, because of name, number, personal mark, or other
 identifier, can be used to identify such natural person;
   (b) "Private information" shall mean EITHER: (I) personal  information
 consisting of any information in combination with any one or more of the
 following data elements, when either the DATA ELEMENT OR THE COMBINATION
 OF  personal information [or] PLUS the data element is not encrypted, or
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
                                                            LBD05343-01-9
              

co-Sponsors

2019-A5635A - Details

Law Section:
General Business Law
Laws Affected:
Amd Art 39-F Art Head, §899-aa, add §899-bb, Gen Bus L; amd §208, St Tech L

2019-A5635A - Summary

Relates to notification of a security breach; includes credit and debit cards; increases civil penalties.

2019-A5635A - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  5635--A
 
                        2019-2020 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 14, 2019
                                ___________
 
 Introduced  by  M.  of  A. DenDEKKER -- (at request of the Department of
   Law) -- read once and referred to the Committee  on  Consumer  Affairs
   and  Protection  -- reported and referred to the Committee on Codes --
   reported and referred to the Committee on Ways and Means --  committee
   discharged, bill amended, ordered reprinted as amended and recommitted
   to said committee
 
 AN  ACT  to amend the general business law and the state technology law,
   in relation to notification of a security breach
 
   THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may be cited as the "Stop Hacks
 and Improve Electronic Data Security Act (SHIELD Act)".
   §  2. The article heading of article 39-F of the general business law,
 as added by chapter 442 of the laws of  2005,  is  amended  to  read  as
 follows:
            NOTIFICATION OF UNAUTHORIZED ACQUISITION OF PRIVATE
                  INFORMATION; DATA SECURITY PROTECTIONS
   §  3.  Subdivisions  1,  2,  3, 5, 6, 7 and 8 of section 899-aa of the
 general business law, subdivisions 1, 2, 3, 5, 6 and 7 as added by chap-
 ter 442 of the laws of 2005, paragraph (c) of subdivision  1,  paragraph
 (a)  of subdivision 6 and subdivision 8 as amended by chapter 491 of the
 laws of 2005 and paragraph (a) of subdivision 8 as amended by section  6
 of  part  N  of  chapter  55 of the laws of 2013, are amended to read as
 follows:
   1. As used in this section, the following terms shall have the follow-
 ing meanings:
   (a) "Personal information" shall mean  any  information  concerning  a
 natural  person  which, because of name, number, personal mark, or other
 identifier, can be used to identify such natural person;
   (b) "Private information" shall mean EITHER: (I) personal  information
 consisting of any information in combination with any one or more of the
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
              

co-Sponsors

2019-A5635B (ACTIVE) - Details

Law Section:
General Business Law
Laws Affected:
Amd Art 39-F Art Head, §899-aa, add §899-bb, Gen Bus L; amd §208, St Tech L

2019-A5635B (ACTIVE) - Summary

Relates to notification of a security breach; includes credit and debit cards; increases civil penalties.

2019-A5635B (ACTIVE) - Bill Text download pdf

                            
 
                     S T A T E   O F   N E W   Y O R K
 ________________________________________________________________________
 
                                  5635--B
                                                            R. R. 135
 
                        2019-2020 Regular Sessions
 
                           I N  A S S E M B L Y
 
                             February 14, 2019
                                ___________
 
 Introduced  by  M. of A. DenDEKKER, PAULIN -- (at request of the Depart-
   ment of Law) -- read once and referred to the  Committee  on  Consumer
   Affairs  and  Protection  -- reported and referred to the Committee on
   Codes -- reported and referred to the Committee on Ways and  Means  --
   committee  discharged,  bill amended, ordered reprinted as amended and
   recommitted to said committee -- reported and referred to the  Commit-
   tee on Rules -- amended on the special order of third reading, ordered
   reprinted  as  amended,  retaining  its  place on the special order of
   third reading
 
 AN ACT to amend the general business law and the state  technology  law,
   in relation to notification of a security breach
 
   THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
 BLY, DO ENACT AS FOLLOWS:
 
   Section 1. This act shall be known and may be cited as the "Stop Hacks
 and Improve Electronic Data Security Act (SHIELD Act)".
   § 2. The article heading of article 39-F of the general business  law,
 as  added  by  chapter  442  of  the laws of 2005, is amended to read as
 follows:
            NOTIFICATION OF UNAUTHORIZED ACQUISITION OF PRIVATE
                  INFORMATION; DATA SECURITY PROTECTIONS
   § 3. Subdivisions 1, 2, 3, 5, 6, 7 and 8  of  section  899-aa  of  the
 general business law, subdivisions 1, 2, 3, 5, 6 and 7 as added by chap-
 ter  442  of the laws of 2005, paragraph (c) of subdivision 1, paragraph
 (a) of subdivision 6 and subdivision 8 as amended by chapter 491 of  the
 laws  of 2005 and paragraph (a) of subdivision 8 as amended by section 6
 of part N of chapter 55 of the laws of 2013, are amended, subdivision  9
 is renumbered subdivision 10 and a new subdivision 9 is added to read as
 follows:
   1. As used in this section, the following terms shall have the follow-
 ing meanings:
 
  EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                       [ ] is old law to be omitted.
              

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

Create an account. An account allows you to sign petitions with a single click, officially support or oppose key legislation, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.