states

New York enacts new security and identity theft protection laws in response to recent data breaches

By Kimberly Gold & Robert Kantrowitz on 1 August 2019

On July 25, 2019, New York Governor Andrew Cuomo signed into law the Stop Hacks and Improve Electronic Data Security (SHIELD) Act (S.5575B/A.5635), which significantly increases obligations for businesses handling private data to notify affected consumers upon experiencing a security breach. Additionally, Governor Cuomo signed the Identity Theft Prevention and Mitigating Services Act (A.2374/S.3582), requiring consumer credit reporting agencies to offer identity theft prevention and mitigation services to consumers who have been affected by a security breach of the agency’s system.

In an official press release announcing his signature on both pieces of legislation, the Governor emphasized the significance of implementing such laws to protect New Yorkers against security breaches. Citing a recent significant data breach, Cuomo noted that “[a]s technology seeps into practically every aspect of our daily lives, it is increasingly critical that we do everything we can to ensure the information that companies are trusted with is secure . . . [t]he stark reality is security breaches are becoming more frequent and with this legislation New York is taking steps to increase protections for consumers and holding these companies accountable when they mishandle sensitive data.”Continue Reading New York enacts new security and identity theft protection laws in response to recent data breaches

U.S. Chamber of Commerce assembles key stakeholders to discuss data privacy

By Divonne Smoyer, Aaron Lancaster & Alexis Cocco on 22 July 2019

The U.S. Chamber of Commerce (the “Chamber”) recently hosted a data privacy summit, “#DataDoneRight”, which brought together a group of industry professionals, government stakeholders, and privacy thought leaders to talk about data privacy.

The Chamber, which has proposed federal privacy legislation, engaged a wide variety of speakers, covering multiple viewpoints, to demonstrate the need…

GA AG Carr talks data privacy at U.S. Chamber of Commerce

By Aaron Lancaster & Divonne Smoyer on 17 July 2019

The U.S. Chamber of Commerce last week gathered a diverse, bipartisan group of policymakers, regulators, industry representatives and thought leaders to discuss all things data privacy at #DataDoneRight, its 2019 privacy summit. Topics included the California Consumer Privacy Act, the possibility of federal privacy legislation and working with privacy regulators, and the summit featured a…

State AGs continue to consider new ways to protect data privacy

By Aaron Lancaster & Divonne Smoyer on 9 July 2019

As states’ “top cops,” one of the primary responsibilities of state attorneys general (AGs) is consumer protection, and more and more AGs are focusing on how to protect consumer data privacy. Discussions at the recent Conference of Western Attorneys General (“CWAG”) Annual Meeting in Santa Barbara reflect this focus and demonstrate that state enforcers are…

Nevada and Oregon expand their data privacy laws

By Divonne Smoyer, Aaron Lancaster & Alexis Cocco on 6 June 2019

May was a busy month for state privacy law updates and amendments. In addition to amendments made by Texas to its breach notification law, both Oregon and Nevada expanded their privacy-related laws this month, while Illinois’s CCPA-like law failed to pass after a variety of amendments related to whether the law would allow for…

FTC and DC Attorney General’s office discuss federal and state privacy trends at Reed Smith

By Divonne Smoyer, Aaron Lancaster & Alexis Cocco on 3 June 2019

On May 21, 2019, representatives of the Federal Trade Commission (FTC) and the Office of DC Attorney General (AG) Karl Racine visited Reed Smith to discuss data privacy trends to watch at the federal and state level. In an IAPP KnowledgeNet presentation moderated by Reed Smith partner Divonne Smoyer, Maneesha Mithal (associate director of the FTC’s Division of Privacy and Identity Protection, Bureau of Consumer Protection) and Ben Wiseman (director of AG Racine’s Office of Consumer Protection) discussed their expectations for a federal privacy law, expanding state authority in the privacy arena, and privacy resources, among other things, in a wide-ranging conversation.
Continue Reading FTC and DC Attorney General’s office discuss federal and state privacy trends at Reed Smith

State Attorneys General and the data economy: lead, protect, enforce

By Divonne Smoyer, Aaron Lancaster & Alexis Cocco on 19 March 2019

With the passage of the California Consumer Privacy Act but no clear federal consumer privacy law on the imminent horizon, state Attorneys General (AGs) continue to investigate and analyze how best to protect their consumers. To further that goal, the National Association of Attorneys General hosted a panel entitled Emerging Issues in the Data Economy at its Winter Meeting in Washington, D.C. The panel was convened to discuss the role AGs can and should play in data privacy in an ever-changing economy. Doug Peterson, Nebraska’s AG, moderated the panel, which included Maneesha Mithal, Associate Director, Division of Privacy and Identity Protection at the Federal Trade Commission (FTC), Ryan Krieger, Assistant AG, Public Protection Division of the Vermont Attorney General’s Office, and Daniel Castro, Vice President of the Information Technology and Innovation Foundation.

As with recent House and Senate Hearings addressing these topics, the focus remained on balance: what the legal landscape should look like, who should be doing the enforcing and how that enforcement should work, and how to protect consumers without stifling innovation and entrepreneurship.Continue Reading State Attorneys General and the data economy: lead, protect, enforce

Technology Law Dispatch