The New York Department of Financial Services (“NY DFS”) published an updated proposed Second Amendment to its Cybersecurity Regulation (23 NYCRR Part 500) in the New York State Register on June 28, 2023, updating its previous proposed Second Amendment, which was published November 9, 2022. While the language proposed is largely similar to the previous […]
data breach
SHIELD Act Overhauls New York’s Data Breach Notification Framework
On October 23, 2019, New York’s new breach notification provisions came into effect, a result of New York’s passage of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) in July. That Act overhauled New York’s data privacy framework, expanding the list of data elements that are considered “private information” while growing the […]
The CCPA Could Reset Data Breach Litigation Risks
A&B Abstract: While much has been written about the California Consumer Privacy Act (CCPA), the focus has primarily been on the new rights it affords California consumers to have access to and control use of their data and opt out of many transfers to third parties. While this is a sea change in data privacy […]
Washington State Expands Data Breach Notification Law
Effective March 1, 2020, Washington State House Bill 1071 amends the state’s data breach notification law, expanding the categories of consumer information the unauthorized access of which would trigger notification requirements. Under current law, any person or business conducts business in Washington State and that owns or licenses data that includes personal information to provide […]