Security Magazine reports: New York Senator David Carlucci introduced Senate Bill S7289 that would ban the paying of ransom. The bill prohibits municipal corporations or other government entities from paying ransom in the event of a cyber-attack against them. In addition, the bill defines a cyber attack as “a virtual attack against the critical infrastructure, as defined in subdivision five of section eighty-six of…
Category: State/Local
PA Bill Tracker: Allowing victims of data breaches to sue companies that didn’t secure information
Daniel Walmer reports on a bill proposed in the Pennsylvania legislature: House Bill 1010, introduced by Solomon, would change that. Under the bill, victims of data breaches could sue for $5,000 per violation or more if their actual losses were more than $5,000. The attorney general’s office can also seek civil penalties up to $10,000….
Rutledge issues data breach advisories to Arkansas medical providers
Fox16 reports: Arkansas Attorney General Leslie Rutledge today sent an advisory letter to medical licensees throughout Arkansas about their duty to report a data breach under the Personal Information Protection Act (PIPA). The PIPA reporting guidelines, amended in July 2019, mandate that individuals, agencies and businesses notify the Attorney General’s Office at the same time as affected…
Texas Updates Data Breach Notification Requirements
Gregory Bautista and William Douglas Sanders of Wilson Elser Moskowitz Edelman & Dicker LLP write: Effective January 1, 2020, the Texas legislature will impose new notification requirements on businesses that maintain personal information of customers. House Bill 4390 amends the Texas Identity Theft Enforcement and Protection Act by requiring that Texas residents be notified of…
Massachusetts Senator Introduces Legislation Imposing Obligations on Data Brokers
Odia Kagan of Fox Rothschild writes: Sen. Ed Markey, D-Mass., has introduced a bill (S. 2577) imposing considerable obligations on data brokers regarding their handling of personal information. Key provisions: […] Upon a verified request, disclose to the requesting individual information about the information collected, time of collection, who it was shared with and how…
California Amends Breach Notification Law
Hunton Andrews Kurth writes: On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130, which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification number, or other…