Jackson Raymond Schipke, Connecticut, 3L Roger Williams University Law School writes: Connecticut’s data breach statute is a wolf in sheep’s clothing. That statute’s definition of “breach of security” is overbroad, encourages over-notification, and undermines the goal of protecting consumers from identity theft. In Connecticut, notification is triggered by mere access of personal information, a statutory…
Category: State/Local
Why Alabama data breach law won’t apply to banks
Michael Seale reports: Alabama lawmakers are considering a bill that would require businesses and government entities to notify the Alabama Attorney General and impacted individuals about a data security breach. If passed, the bill would make Alabama the 48th state to have a form of data breach notification law. But one group not included in…
Data Security Act Introduced in New York State Assembly
On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards. Read more on Hunton & Williams Privacy & Information Security Law Blog. So far, there does not appear to be any companion or mirror bill…
Del. AG announces four privacy bills
Legal News Line reports: Delaware state legislators and Attorney General Matt Denn on Friday announced four bills that he says will help strengthen privacy laws when it comes to the Internet and social media. … The bills would tackle four different areas of online activity including: a Victim Online Privacy Act, a Delaware Online Privacy and…
Why the NM Senate panel blocked the data breach bill
There’s an interesting piece in the Albuquerque Journal that explains why a New Mexico data breach notification bill failed again. It appears that most of the Democrats on the committee voted against it, but why they voted against it is of note. Thomas J. Cole reports: “The comments appeared to be it was too industry-friendly…
California Health Care Facility Breach Statute Updated: Changes Effective Now
Paula Stannard reminds us: As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving…