NY State Senate Bill S3582

Archive: Last Bill Status Via A2374 - Signed by Governor

Introduced
In Committee
On Floor Calendar
- Passed Senate
- Passed Assembly
Delivered to Governor
Signed by Governor

Your Voice

Please enter your contact information

First Name *

Last Name *

Email Address *

A valid email address is required.

Home address search or enter your address manually *

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Leave this field blank

Actions

view actions (11)

	Assembly Actions - Lowercase Senate Actions - UPPERCASE
Jul 25, 2019	signed chap.115
Jul 22, 2019	delivered to governor
Jun 19, 2019	returned to assembly passed senate 3rd reading cal.870 substituted for s3582
Jun 19, 2019	substituted by a2374
May 29, 2019	advanced to third reading
May 22, 2019	2nd report cal.
May 21, 2019	1st report cal.870
Feb 11, 2019	referred to consumer protection

Votes

view votes

Jun 19, 2019 - floor Vote

A2374

floor

Aye

Nay

Absent

Excused

Abstained

May 21, 2019 - Consumer Protection committee Vote

S3582

committee

Aye

Nay

Aye with Reservations

Absent

Excused

Abstained

Co-Sponsors

S3582 (ACTIVE) - Details

See Assembly Version of this Bill:: A2374
Law Section:: General Business Law
Laws Affected:: Amd §380-t, Gen Bus L
Versions Introduced in 2017-2018 Legislative Session:: S6923, A8695

S3582 (ACTIVE) - Summary

Relates to requiring a consumer credit reporting agency to offer identity theft prevention and mitigation services in the case of a breach of the security of such agency's system.

S3582 (ACTIVE) - Sponsor Memo

 
BILL NUMBER: S3582

SPONSOR: COMRIE
 
TITLE OF BILL:

An act to amend the general business law, in relation to requiring a
consumer credit reporting agency to offer identity theft prevention and
mitigation services in the case of a breach of the security of such
agency's system

 
PURPOSE OR GENERAL IDEA OF BILL:

This bill would provide reasonable consumer protections following a
breach of consumer credit data at a credit reporting agency (CRA), when
such a breach involves social security numbers.

 
SUMMARY OF SPECIFIC PROVISIONS:

Section 1 amends subdivision n of section 380-t of the general business
law by adding a new paragraph 3 that would require that when a credit
reporting agency suffers a breach of information containing consumer

social security numbers, the CRA must provide lifetime identity theft
prevention services, and if applicable, identity theft mitigation
services to affected customers. Additionally, this new paragraph would
prohibit fees relating to the implementation and lifting of security
freezes on consumer credit reports, if those reports were part of a
breach of information containing social security numbers.

Section 2 amends subdivision q of section 380-t of the general business
law by including new language to be included in a consumers summary of
rights CRAs must provide consumers on credit freezes to inform them that
in the instance of a breach of date involving a social security number,
that a consumer has the right to freeze their credit at no cost.

Section 3 sets the effective date.

 
JUSTIFICATION:

In late July 2017, one of the three main CRAs, Equifax Inc., experienced
a major data breach involving personal information that included theft
of social security numbers. At the time it was widely reported to impact
over 140 million accounts, but the full extent of the breach is still
uncertain. CRAs have been the subject of public scrutiny in years past
for their inaccurate files kept on unknowing consumers and the cumber-
some process they subject average people to in order to rectify such
errors. The magnitude of this breach won't be known for years, but the
status quo where consumers must bear the burden to protect their own
identities is unacceptable. To date, Equifax has offered to waive fees
for security freezes for a short time period, and offered 12 months of
identity theft prevention services at no charge. This response is simply
insufficient given that innocent people's information was stolen through
no fault of their own. This legislation aims to establish the minimal
amount of long term protection consumers could ask for, and even still
it is just that, the bare minimum.

 
PRIOR LEGISLATIVE HISTORY:

2017-18- A.8695A - Passed Assembly/S.6923A - Referred to Consumer
Protection
 
FISCAL IMPLICATIONS TO THE STATE:

None to the state.

 
EFFECTIVE DATE:
This act shall take effect on the sixtieth day after it shall have
become a law and shall apply to any breach of the security of a consumer
credit reporting agency that occurred no more than three years prior to
the effective date of this act.

S3582 (ACTIVE) - Bill Text download pdf


                    S T A T E   O F   N E W   Y O R K
________________________________________________________________________

                                  3582

                       2019-2020 Regular Sessions

                            I N  S E N A T E

                            February 11, 2019
                               ___________

Introduced  by  Sen.  COMRIE -- read twice and ordered printed, and when
  printed to be committed to the Committee on Consumer Protection

AN ACT to amend the general business law, in  relation  to  requiring  a
  consumer  credit  reporting  agency to offer identity theft prevention
  and mitigation services in the case of a breach  of  the  security  of
  such agency's system

  THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
BLY, DO ENACT AS FOLLOWS:

  Section 1. Subdivision (n) of section 380-t of  the  general  business
law is amended by adding a new paragraph 3 to read as follows:
  (3)(I) UPON A BREACH OF THE SECURITY OF THE SYSTEM OF A CONSUMER CRED-
IT  REPORTING  AGENCY  WHICH  INCLUDES  ANY SOCIAL SECURITY NUMBER, SUCH
AGENCY SHALL OFFER TO EACH CONSUMER, WHOSE INFORMATION, INCLUDING SOCIAL
SECURITY NUMBER, WAS BREACHED OR IS REASONABLY  BELIEVED  TO  HAVE  BEEN
BREACHED, REASONABLE IDENTITY THEFT PREVENTION SERVICES AND, IF APPLICA-
BLE,  IDENTIFY THEFT MITIGATION SERVICES FOR A PERIOD NOT TO EXCEED FIVE
YEARS AT NO COST TO SUCH CONSUMERS. SUCH AGENCY SHALL PROVIDE ALL INFOR-
MATION NECESSARY FOR SUCH CONSUMERS TO ENROLL IN SUCH SERVICES AND SHALL
INCLUDE INFORMATION ON HOW SUCH CONSUMERS CAN REQUEST A SECURITY FREEZE.
A CONSUMER CREDIT REPORTING AGENCY SHALL NOT BE REQUIRED TO  OFFER  SUCH
SERVICES  IF,  AFTER AN APPROPRIATE INVESTIGATION, THE AGENCY REASONABLY
DETERMINES THAT THE BREACH OF SECURITY IS UNLIKELY TO RESULT IN HARM  TO
THE CONSUMERS WHOSE INFORMATION HAS BEEN BREACHED.
  (II)  "BREACH OF THE SECURITY OF THE SYSTEM" AS USED IN THIS PARAGRAPH
SHALL HAVE THE SAME DEFINITION AS IN PARAGRAPH (C) OF SUBDIVISION ONE OF
SECTION EIGHT HUNDRED NINETY-NINE-AA OF THIS CHAPTER.
  § 2.  This act shall take effect on the sixtieth day  after  it  shall
have  become  a law and shall apply to any breach of the security of the
system of a consumer credit reporting agency that occurred no more  than
three years prior to the effective date of this act.

 EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                      [ ] is old law to be omitted.
                                                           LBD01262-01-9

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.

The New York State Senate

senate Bill S3582

Sponsored By

Archive: Last Bill Status Via A2374 - Signed by Governor

Your Voice

Actions

Votes

Jun 19, 2019 - floor Vote

Floor Vote: Jun 19, 2019

May 21, 2019 - Consumer Protection committee Vote

Consumer Protection Committee Vote: May 21, 2019

Co-Sponsors

S3582 (ACTIVE) - Details

S3582 (ACTIVE) - Summary

S3582 (ACTIVE) - Sponsor Memo

S3582 (ACTIVE) - Bill Text download pdf

Comments

senate Bill S3582

Share this bill

Sponsored By

Leroy Comrie

Archive: Last Bill Status Via A2374 - Signed by Governor

Your Voice

Actions

Votes

Jun 19, 2019 - floor Vote

Floor Vote: Jun 19, 2019

May 21, 2019 - Consumer Protection committee Vote

Consumer Protection Committee Vote: May 21, 2019

Co-Sponsors

David Carlucci

Anna M. Kaplan

S3582 (ACTIVE) - Details

S3582 (ACTIVE) - Summary

S3582 (ACTIVE) - Sponsor Memo

S3582 (ACTIVE) - Bill Text download pdf

Comments