senate Bill S6834B

2015-2016 Legislative Session

Relates to notification of security breach

download bill text pdf

Sponsored By

Archive: Last Bill Status - In Senate Committee Consumer Protection Committee


  • Introduced
  • In Committee
  • On Floor Calendar
    • Passed Senate
    • Passed Assembly
  • Delivered to Governor
  • Signed/Vetoed by Governor

Your Voice

do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Actions

view actions (5)
Assembly Actions - Lowercase
Senate Actions - UPPERCASE
Jun 09, 2016 print number 6834b
Jun 09, 2016 amend and recommit to consumer protection
May 13, 2016 print number 6834a
May 13, 2016 amend and recommit to consumer protection
Feb 26, 2016 referred to consumer protection

S6834 - Details

See Assembly Version of this Bill:
A10475
Current Committee:
Senate Consumer Protection
Law Section:
General Business Law
Laws Affected:
Amd §899-aa, Gen Bus L; amd §208, St Tech L
Versions Introduced in 2017-2018 Legislative Session:
S5601, A7167

S6834 - Summary

Relates to notification of a security breach; includes credit and debit card; increases civil penalties.

S6834 - Sponsor Memo

S6834 - Bill Text download pdf

                    S T A T E   O F   N E W   Y O R K
________________________________________________________________________

                                  6834

                            I N  S E N A T E

                            February 26, 2016
                               ___________

Introduced  by Sen. VENDITTO -- read twice and ordered printed, and when
  printed to be committed to the Committee on Consumer Protection

AN ACT to amend the general business law and the state  technology  law,
  in relation to notification of a security breach

  THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
BLY, DO ENACT AS FOLLOWS:

  Section 1. Subdivisions 1, 2, 6, 7, 8 and 9 of section 899-aa  of  the
general business law, as added by chapter 442 of the laws of 2005, para-
graph  (c) of subdivision 1, paragraph (a) of subdivision 6 and subdivi-
sion 8 as amended by chapter 491 of the laws of 2005 and  paragraph  (a)
of  subdivision 8 as amended by section 6 of part N of chapter 55 of the
laws of 2013, are amended to read as follows:
  1. As used in this section, the following terms shall have the follow-
ing meanings:
  (a) "Personal information" shall mean  any  information  concerning  a
natural  person  which, because of name, number, personal mark, or other
identifier, can be used to identify such natural person;
  (b) "Private information" shall mean EITHER: (I) personal  information
consisting of any information in combination with any one or more of the
following  data  elements,  when  either the personal information or the
data element is not encrypted, or encrypted with an encryption key  that
has also been acquired:
  (1) social security number;
  (2)  driver's license number or non-driver identification card number;
[or]
  (3) account number, credit or debit card number, in  combination  with
any  required  security code, access code, or password that would permit
access to an individual's financial account; OR
  (4) BIOMETRIC INFORMATION, MEANING DATA GENERATED BY  AUTOMATIC  MEAS-
UREMENTS  OF AN INDIVIDUAL'S PHYSICAL CHARACTERISTICS, WHICH ARE USED BY
THE OWNER OR LICENSEE TO AUTHENTICATE THE INDIVIDUAL'S IDENTITY;
  (II) A USER NAME OR EMAIL ADDRESS IN COMBINATION WITH  A  PASSWORD  OR
SECURITY  QUESTION  AND  ANSWER  THAT  WOULD  PERMIT ACCESS TO AN ONLINE
ACCOUNT; OR

 EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                      [ ] is old law to be omitted.

S6834A - Details

See Assembly Version of this Bill:
A10475
Current Committee:
Senate Consumer Protection
Law Section:
General Business Law
Laws Affected:
Amd §899-aa, Gen Bus L; amd §208, St Tech L
Versions Introduced in 2017-2018 Legislative Session:
S5601, A7167

S6834A - Summary

Relates to notification of a security breach; includes credit and debit card; increases civil penalties.

S6834A - Sponsor Memo

S6834A - Bill Text download pdf

                    S T A T E   O F   N E W   Y O R K
________________________________________________________________________

                                 6834--A

                            I N  S E N A T E

                            February 26, 2016
                               ___________

Introduced  by Sen. VENDITTO -- read twice and ordered printed, and when
  printed to be committed to the Committee  on  Consumer  Protection  --
  committee  discharged,  bill amended, ordered reprinted as amended and
  recommitted to said committee

AN ACT to amend the general business law and the state  technology  law,
  in relation to notification of a security breach

  THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
BLY, DO ENACT AS FOLLOWS:

  Section 1. Subdivisions 1, 2, 5, 6, 7, 8 and 9 of  section  899-aa  of
the  general  business law, as added by chapter 442 of the laws of 2005,
paragraph (c) of subdivision 1,  paragraph  (a)  of  subdivision  6  and
subdivision  8  as  amended by chapter 491 of the laws of 2005 and para-
graph (a) of subdivision 8 as amended by section 6 of part N of  chapter
55 of the laws of 2013, are amended to read as follows:
  1. As used in this section, the following terms shall have the follow-
ing meanings:
  (a)  "Personal  information"  shall  mean any information concerning a
natural person which, because of name, number, personal mark,  or  other
identifier, can be used to identify such natural person;
  (b)  "Private information" shall mean EITHER: (I) personal information
consisting of any information in combination with any one or more of the
following data elements, when either the  personal  information  or  the
data  element is not encrypted, or encrypted with an encryption key that
has also been acquired:
  (1) social security number;
  (2) driver's license number or non-driver identification card  number;
[or]
  (3)  account  number, credit or debit card number, in combination with
any required security code, access code, or password that  would  permit
access to an individual's financial account; OR
  (4)  BIOMETRIC  INFORMATION, MEANING DATA GENERATED BY AUTOMATIC MEAS-
UREMENTS OF AN INDIVIDUAL'S PHYSICAL CHARACTERISTICS, WHICH ARE USED  BY
THE OWNER OR LICENSEE TO AUTHENTICATE THE INDIVIDUAL'S IDENTITY;

 EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                      [ ] is old law to be omitted.
                                                           LBD09470-10-6

S6834B (ACTIVE) - Details

See Assembly Version of this Bill:
A10475
Current Committee:
Senate Consumer Protection
Law Section:
General Business Law
Laws Affected:
Amd §899-aa, Gen Bus L; amd §208, St Tech L
Versions Introduced in 2017-2018 Legislative Session:
S5601, A7167

S6834B (ACTIVE) - Summary

Relates to notification of a security breach; includes credit and debit card; increases civil penalties.

S6834B (ACTIVE) - Sponsor Memo

S6834B (ACTIVE) - Bill Text download pdf

                    S T A T E   O F   N E W   Y O R K
________________________________________________________________________

                                 6834--B

                            I N  S E N A T E

                            February 26, 2016
                               ___________

Introduced  by Sen. VENDITTO -- read twice and ordered printed, and when
  printed to be committed to the Committee  on  Consumer  Protection  --
  committee  discharged,  bill amended, ordered reprinted as amended and
  recommitted to said committee -- committee discharged,  bill  amended,
  ordered reprinted as amended and recommitted to said committee

AN  ACT  to amend the general business law and the state technology law,
  in relation to notification of a security breach

  THE PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND  ASSEM-
BLY, DO ENACT AS FOLLOWS:

  Section  1.  Subdivisions  1, 2, 5, 6, 7, 8 and 9 of section 899-aa of
the general business law, as added by chapter 442 of the laws  of  2005,
paragraph  (c)  of  subdivision  1,  paragraph  (a) of subdivision 6 and
subdivision 8 as amended by chapter 491 of the laws of  2005  and  para-
graph  (a) of subdivision 8 as amended by section 6 of part N of chapter
55 of the laws of 2013, are amended and a new subdivision 5-a  is  added
to read as follows:
  1. As used in this section, the following terms shall have the follow-
ing meanings:
  (a)  "Personal  information"  shall  mean any information concerning a
natural person which, because of name, number, personal mark,  or  other
identifier, can be used to identify such natural person;
  (b)  "Private information" shall mean EITHER: (I) personal information
consisting of any information in combination with any one or more of the
following data elements, when either the  personal  information  or  the
data  element is not encrypted, or encrypted with an encryption key that
has also been acquired:
  (1) social security number;
  (2) driver's license number or non-driver identification card  number;
[or]
  (3)  account  number, credit or debit card number, in combination with
any required security code, access code, or password that  would  permit
access to an individual's financial account; OR

 EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                      [ ] is old law to be omitted.
                                                           LBD09470-16-6

Comments

Open Legislation comments facilitate discussion of New York State legislation. All comments are subject to moderation. Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity or hate speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Comment moderation is generally performed Monday through Friday.

By contributing or voting you agree to the Terms of Participation and verify you are over 13.