senate Bill S3582

Signed By Governor
2019-2020 Legislative Session

Relates to requiring a consumer credit reporting agency to offer identity theft prevention and mitigation services in the case of a breach of the security of such agency's system

download bill text pdf

Sponsored By

Archive: Last Bill Status Via A2374 - Signed by Governor


  • Introduced
  • In Committee
  • On Floor Calendar
    • Passed Senate
    • Passed Assembly
  • Delivered to Governor
  • Signed by Governor

Your Voice

do you support this bill?

Please enter your contact information

Home address is used to determine the senate district in which you reside. Your support or opposition to this bill is then shared immediately with the senator who represents you.

Optional services from the NY State Senate:

Create an account. An account allows you to officially support or oppose key legislation, sign petitions with a single click, and follow issues, committees, and bills that matter to you. When you create an account, you agree to this platform's terms of participation.

Include a custom message for your Senator? (Optional)

Enter a message to your senator. Many New Yorkers use this to share the reasoning behind their support or opposition to the bill. Others might share a personal anecdote about how the bill would affect them or people they care about.

Actions

view actions (11)
Assembly Actions - Lowercase
Senate Actions - UPPERCASE
Jul 25, 2019 signed chap.115
Jul 22, 2019 delivered to governor
Jun 19, 2019 returned to assembly
passed senate
3rd reading cal.870
substituted for s3582
Jun 19, 2019 substituted by a2374
May 29, 2019 advanced to third reading
May 22, 2019 2nd report cal.
May 21, 2019 1st report cal.870
Feb 11, 2019 referred to consumer protection

Co-Sponsors

S3582 (ACTIVE) - Details

See Assembly Version of this Bill:
A2374
Law Section:
General Business Law
Laws Affected:
Amd §380-t, Gen Bus L
Versions Introduced in 2017-2018 Legislative Session:
S6923, A8695

S3582 (ACTIVE) - Summary

Relates to requiring a consumer credit reporting agency to offer identity theft prevention and mitigation services in the case of a breach of the security of such agency's system.

S3582 (ACTIVE) - Sponsor Memo

S3582 (ACTIVE) - Bill Text download pdf


                    S T A T E   O F   N E W   Y O R K
________________________________________________________________________

                                  3582

                       2019-2020 Regular Sessions

                            I N  S E N A T E

                            February 11, 2019
                               ___________

Introduced  by  Sen.  COMRIE -- read twice and ordered printed, and when
  printed to be committed to the Committee on Consumer Protection

AN ACT to amend the general business law, in  relation  to  requiring  a
  consumer  credit  reporting  agency to offer identity theft prevention
  and mitigation services in the case of a breach  of  the  security  of
  such agency's system

  THE  PEOPLE OF THE STATE OF NEW YORK, REPRESENTED IN SENATE AND ASSEM-
BLY, DO ENACT AS FOLLOWS:

  Section 1. Subdivision (n) of section 380-t of  the  general  business
law is amended by adding a new paragraph 3 to read as follows:
  (3)(I) UPON A BREACH OF THE SECURITY OF THE SYSTEM OF A CONSUMER CRED-
IT  REPORTING  AGENCY  WHICH  INCLUDES  ANY SOCIAL SECURITY NUMBER, SUCH
AGENCY SHALL OFFER TO EACH CONSUMER, WHOSE INFORMATION, INCLUDING SOCIAL
SECURITY NUMBER, WAS BREACHED OR IS REASONABLY  BELIEVED  TO  HAVE  BEEN
BREACHED, REASONABLE IDENTITY THEFT PREVENTION SERVICES AND, IF APPLICA-
BLE,  IDENTIFY THEFT MITIGATION SERVICES FOR A PERIOD NOT TO EXCEED FIVE
YEARS AT NO COST TO SUCH CONSUMERS. SUCH AGENCY SHALL PROVIDE ALL INFOR-
MATION NECESSARY FOR SUCH CONSUMERS TO ENROLL IN SUCH SERVICES AND SHALL
INCLUDE INFORMATION ON HOW SUCH CONSUMERS CAN REQUEST A SECURITY FREEZE.
A CONSUMER CREDIT REPORTING AGENCY SHALL NOT BE REQUIRED TO  OFFER  SUCH
SERVICES  IF,  AFTER AN APPROPRIATE INVESTIGATION, THE AGENCY REASONABLY
DETERMINES THAT THE BREACH OF SECURITY IS UNLIKELY TO RESULT IN HARM  TO
THE CONSUMERS WHOSE INFORMATION HAS BEEN BREACHED.
  (II)  "BREACH OF THE SECURITY OF THE SYSTEM" AS USED IN THIS PARAGRAPH
SHALL HAVE THE SAME DEFINITION AS IN PARAGRAPH (C) OF SUBDIVISION ONE OF
SECTION EIGHT HUNDRED NINETY-NINE-AA OF THIS CHAPTER.
  § 2.  This act shall take effect on the sixtieth day  after  it  shall
have  become  a law and shall apply to any breach of the security of the
system of a consumer credit reporting agency that occurred no more  than
three years prior to the effective date of this act.

 EXPLANATION--Matter in ITALICS (underscored) is new; matter in brackets
                      [ ] is old law to be omitted.
                                                           LBD01262-01-9

Comments

Open Legislation is a forum for New York State legislation. All comments are subject to review and community moderation is encouraged.

Comments deemed off-topic, commercial, campaign-related, self-promotional; or that contain profanity, hate or toxic speech; or that link to sites outside of the nysenate.gov domain are not permitted, and will not be published. Attempts to intimidate and silence contributors or deliberately deceive the public, including excessive or extraneous posting/posts, or coordinated activity, are prohibited and may result in the temporary or permanent banning of the user. Comment moderation is generally performed Monday through Friday. By contributing or voting you agree to the Terms of Participation and verify you are over 13.