State Senate Roundtable on Online Privacy, Data Breach, and Internet Safety Featuring Top Representatives of the Industry

Albany - State Senator Martin Golden, Chair of the State Senate Select Committee on Science, Technology, Incubation, and Entrepreneurship, said today that the Committee will conduct a Roundtable on online privacy and data breaches with members of the internet online industry on Wednesday May 27, 2015, at Noon in Room 711A at the Legislative Office Building in Albany.

The purpose is to further refine legislation to help prevent online data attacks, keep personal data secure, and to criminalize intrusions into personal data by hackers and others. Issues to be discussed include bills introduced by Senator Golden and others, S. 4072 and S. 4073.

Members of the Industry are expected to attend, including representatives from Microsoft and Google, Apple, Direct Marketing, and others.

The majority of attacks are on three sectors—the public sector, the information sector, and the financial sector; but all sectors of the economy and all people are vulnerable, Golden noted. According to the Verizon 2015 Data Breach Investigation report, there were almost 80,000 security incidents in 2014, with a $400 million loss from just over 700 compromised records. The report also shows that the movement from victim 1 to victim 2 takes place now within 24 hours or less. And this is a partial report, as not all entities responded this year, and not all entities give full data.

“The key issue is to help protect individual entities, public and private, from the attacks and the breaches, to penalize the attacks when they comes, and to develop ways to better share information quickly without compromising investigations or capturing perpetrators,” Golden said.

The Golden bills provide for better calibration of penalties to crimes. As an example of the current problems in the penal law, the most severe penalty for ID Theft is a Class D felony, and the law does not distinguish between more and less severe instances of ID Theft. This someone who engages in ID Theft that causes $2,001 faces the same charge as one who causes losses of $500,000 or more. In a Nassau County case, a doctor stole personal information from nearly 1,000 patients, but was charged only with a Class A misdemeanor, the same charge as jumping a subway turnstile.

Other portions of the Golden legislation would assure that employers, schools, and building owners cannot require access to a personal email or social media account as a condition of employment or prospective employment, acceptance and attendance at a school, or renting. The bill would also expand the State’s anti-phishing law to include impersonating an individual, keep portions of social security numbers confidential, and require that email and website operators divulge their policies for destruction of information when a person is no longer a subscriber or user.

“The news is filled these days with reports about large-scale breaches of security and loss of personally identifiable information to hackers,” Senator Golden said. “The result is that people lose money, property, and security. What may not be known, since only the breaches get reported, is that there are thousands of ongoing daily attacks on public and private websites as well as internet services. The risk threat is ongoing.”

Golden has taken the lead in development of program opportunities for high tech businesses in New York. He created the country’s most far-reaching and comprehensive incubator law, and has developed Biomedical and Biotech program initiatives, and programs to encourage the growth of the digital game industry in New York, and programs for veterans entrepreneurship.