Wednesday, January 14, 2015

NY AG to propose new bill to strengthen data security law

- New York Attorney General Eric Schneiderman on Thursday will propose a legislation that he says would make the state's data security law the strongest in the country and require "unprecedented safeguards" for the personal data of consumers and workers.

The proposal overhauls law enforcement authorities' power to combat cyber crime and ensure they have appropriate tools to investigate, disrupt and prosecute cyber crime.


If it becomes a law, New York's requirements would meet California standards in terms of the breadth of information covered, and exceed that state's standards in other ways, according to Matt Mittenthal, a spokesman for Schneiderman.


In the wake of growing cyber crimes, the bill seeks to protect customer information by expanding the scope of information saying that employers and retailers would be responsible for data protection.


The bill will also legislate reasonable data security requirement at the point where the private information is fed in and stored. Entities that acquire independent third-party audits and certifications annually showing compliance with New York's data-security requirements should receive a rebuttable presumption of reasonable data security as required by the law.


The announcement comes just as President Obama has proposed to improve cyber security standards, including updating its security breach reporting by standardizing the patchwork of 46 state laws by putting in place a single notice requirement.


A report by Schneiderman in July last year said the number of reported data security breaches in New York more than tripled between 2006 and 2013.


About 22.8 million personal records of New Yorkers have been exposed in nearly 5,000 data breaches during the period, costing the public and private sectors in New York more than $1.37 billion in 2013, according to the report.


No comments:

Post a Comment