A.G. Schneiderman Proposes Bill To Strengthen Data Security Laws, Protect Consumers From Growing Threat Of Data Breaches

A.G. Schneiderman Proposes Bill To Strengthen Data Security Laws, Protect Consumers From Growing Threat Of Data Breaches: NEW YORK—Attorney General Eric T. Schneiderman announced today that he would propose legislation in Albany to overhaul New York State’s data security law and require new and unprecedented safeguards for the personal data of consumers. Currently, New York State does not have a law directly requiring entities to institute data security ‎measures to protect consumer information. Moreover, in the event of a data breach or unauthorized disclosure, companies are merely required to notify affected individuals if “private information” is compromised—which does not include email addresses and passwords, security questions, medical history and health insurance information, among other categories. Attorney General Schneiderman’s bill would broaden the scope of information that companies would be responsible for protecting; require stronger technical and physical security measures for protecting information; and create a safe harbor for companies who meet certain security standards, incentivizing them to adopt tough measures to protect personal data.