- The NYS Senate and Assembly are actively considering the NY Privacy Act, and may vote to approve it before the legislative session ends on June 8.
- The bill, while still under discussion and in flux, would impose strict new disclosure and licensing requirements on legal entities that access, collect, and/or sell data from online sources. A brief summary of key provisions is below.
Bill Summary:
- The NY Privacy Act will require companies to obtain explicit consent from consumers before processing their personal and sensitive data.[1]
- The law will apply to most for-profit and nonprofit businesses, with some exceptions, that conduct business in New York State or produce products or services targeted to residents in NYS.
- Consumer rights include:
- Notice of how their data is processed and sold
- Right to opt-out
- Ability to request access and obtain a copy of their data in an electronic format
- Ability to ask for the deletion or correction of data
- Private right of action against companies for violating their privacy
- “Personal” data refers to any data that identifies or could be linked with a specific person or household.
- “Sensitive” data refers to personal data that reveals:
- Racial or ethnic origin
- Religious beliefs
- Mental or physical health condition
- Sexual orientation or sex life
- Citizenship or immigration status
- Genetic or biometric information for the purpose of identifying a person
- Precise geolocation data
- Social security, financial account, passport, or driver’s license numbers.
- Businesses will be obligated to regularly conduct data protection assessments for activities that present a heightened risk of harm to consumers, and must develop “reasonable safeguards” to protect the security of the consumer data.
- Companies are also not permitted to discriminate against consumers for exercising their data rights, such as opting out of data sharing.
- Companies will be required to register and pay an annual fee to the Attorney General and submit information regarding their use practices.
- The AG will maintain a “data broker registry” on its website.
- If passed, most aspects of the bill shall take effect two years after becoming law.
- However, the private right of action will take effect three years after the law is passed.
Background:
- Thomas has been the primary champion of this bill, and he also introduced it in the 2021-2022 and 2019-2020 legislative session.
- AM Rozic is the Assembly sponsor in the 23-24 session.
- AM Rosenthal sponsored the bill in 19-20 but has not sponsored it since.
- Many other states are considering data privacy bills in the absence of a federal privacy law; however, New York’s is unique in the private right of action.[2]
- At this point in 2023, 16 other states have proposed or passed data privacy laws with varying degrees of protection.[3]
[1] https://www.nysenate.gov/legislation/bills/2023/S365#:~:text=S365%20%2D%20Summary,whom%20their%20information%20is%20shared.
[2] https://www.politico.com/news/2023/02/22/statehouses-privacy-law-cybersecurity-00083775
[3] https://www.rila.org/blog/2023/04/states-continue-to-pass-major-privacy-legislation
About Cozen O’Connor Public Strategies
Cozen O’Connor Public Strategies, an affiliate of the international law firm Cozen O’Connor, is a bipartisan government relations practice representing clients before the federal government and in cities and states throughout the country. With offices in Washington D.C., Richmond, Albany, New York City, Philadelphia, Harrisburg, Chicago, and Santa Monica, the firm’s public strategies professionals offer a full complement of government affairs services, including legislative and executive branch advocacy, policy analysis, assistance with government procurement and funding programs, and crisis management. Its client base spans multiple industries, including healthcare, transportation, hospitality, education, construction, energy, real estate, entertainment, financial services, and insurance.
About Cozen O’Connor
Established in 1970, Cozen O’Connor has over 775 attorneys who help clients manage risk and make better business decisions. The firm counsels clients on their most sophisticated legal matters in all areas of the law, including litigation, corporate, and regulatory law. Representing a broad array of leading global corporations and middle-market companies, Cozen O’Connor serves its clients’ needs through 31 offices across two continents.
Explore Articles and News
See All News-
Broad Street Brief: City Council Talks Illegal Car Meetups, Rec Center Resources
October 3, 2024
City Hall City Council, Police Discuss Methods to Curb Illegal Car Meetups On Tuesday, the City Council Public Safety and Streets & Services Committees...Read More -
Pennsylvania Perspective for Thursday, October 3, 2024
October 3, 2024
Pennsylvania Gov Shapiro. Signs 3 Bills Into Law Governor Josh Shapiro signed three bills into law on Wednesday, establishing the capital budget for fiscal...Read More -
Patrick Martin Breaks Down Vance-Walz VP Debate on NBC Chicago
October 2, 2024
Patrick Martin, Executive Vice President of Cozen O’Connor Public Strategies, joined NBC Chicago to analyze last night’s vice presidential debate between Senator JD Vance...Read More