Julian D. Perlman of BakerHostetler writes: California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach lawsuits. On Thursday, California Secretary of State Debra Bowen approved steps…
Category: State/Local
Governor Brown signs SB 46 into law; expands California’s breach notification obligations when online account data is breached
Governor Jerry Brown signed SB 46 into law today. Dominique R. Shelton and Paul G. Martinoof of Alston & Bird had a good summary of the changes the law makes: S.B. 46 amends Section 1798.82(h) to expand the definition of “personal information” for which breach notification is required. The new law adds to the definition:…
Resource: State by state data breach notification laws
Perkins Coie has compiled an updated resource (141 pages) of state data breach notification laws:
ID theft bill moving through Fla. legislature
As I’ve been reporting for a while now, Florida is an absolute hotbed of ID theft for tax refund fraud schemes. Yet state-level prosecutors are hampered by a law that requires them to prove intent to use/misuse information if someone is found in possession of others’ identity information. Of course, the federal prosecutors are not…
UT: Security breach bill passes the House
Antone Clark reports: State lawmakers are taking action to prevent another breach of sensitive data following the inadvertent release of almost 800,000 names in 2012. The House voted unanimously to approve legislation establishing guidelines for how information for Medicaid and CHIP recipients will be handled and also pushing the state to actively identify industry best…
Maine League Testifies On Breach Notice Bill
CUSystem writes: The Maine Credit Union League and representatives from Maine’s credit unions recently testified on two bills about breach notices and student-loan insurance bills, before two separate state legislative committees in Augusta. L.D. 158 requires that notice of a security breach must be made no later than 30 days after discovery of the breach…