New York State’s long-awaited Cybersecurity Regulations for financial institutions were released last week by the New York State Department of Financial Services (“NYDFS”) for a 45-day public notice and comment period, starting Sept 28, 2016, after which the Regs will go into effect on January 1, 2017, unless modified, as codified at 23 NYCRR Part […]
Category: Legislation
Slew of State Data Breach Statutes in the Works
In the past two weeks we’ve reviewed proposed amendments or new data breach notification statutes from nearly a dozen states, including, Wyoming, Connecticut, Oregon, Hawaii, North Dakota, Montana, New York, and the data breach holdouts of New Mexico and Alabama. Stay tuned for our summaries. In short, though, AG notification is coming big time.
NYS Drafts Proposed “Virtual Currencies” Regulations
Following hearings early this year on bitcoin and the regulation of such non-sovereign currencies the NYS Department of Financial Services (“Dept”) has released proposed “Virtual Currencies” regulations, formerly noticed in the NYS Register as “Regulation of the Conduct of Virtual Currency Businesses,” No. DFS-29-14-00015-P), (“Regs”) for public comment, due 45 days after the official publication on […]
NYS Issues First “Bitcoin” Regulations – Good or Bad?
After holding hearings on bitcoin and virtual currencies this past January, the NYS Department of Financial Services (“DFS”) has released proposed regulations with direct impact on New York entities that deal with or accept virtual currencies. The Virtual Currencies regulations proposed will be published in the New York State Register’s July 23, 2014 edition, which begins a 45-day public […]
Then there were 47… Kentucky enacts data breach statute
Since 2010 the number of states with data breach notification statutes was stalled at 46. No longer. Kentucky is now the 47th state to enact a data breach notification statute, effective July 14, 2014. Kentucky’s new data breach notification statute, appearing in Ken. Rev. Stat. Chapter 365 (as amended by H.B. 232 on April 10, […]
Long awaited decision in FTC v. Wyndham Issued. FTC wins.
BREAKING: The long awaited decision in the ongoing FTC v. Wyndham Worldwide Corp federal district court case in New Jersey was issued last today by District Judge Salas. In brief Wyndham lost all three of its arguments presented and J. Salas denied its Motion to Dismiss. We’re reviewing the entire 42-page decision, available here, for […]
2014 Trends in State Data Breach Laws
A recent publication from the National Conference of State Legislatures has highlighted several intriguing trends with regards to recent and upcoming data breach legislation. Given most states reactive nature, the 2013 holiday season generated a “we must do something!” response in many state capitols following the front page data breaches of Target and Neiman Marcus. […]
