From Assemblymember James Brennan
Brennan Law Fights Identity Theft
Over 200,000 New Yorkers now know that they have been exposed to identity theft because of a new state law sponsored by the Chair of the Oversight Committee, Assemblymember James Brennan. The new law, the Information Security Breach and Notification Act, took effect on December 7, 2005. Until now, companies that suffered computer break-ins were not required to notify people when customer information was stolen. The new law requires companies to contact people when their private information like Social Security, driver’s license, or credit card numbers are exposed.
In many ways 2005 will be remembered as the year of the computer breach — so the enactment of this law could not be more timely. Assemblymember Brennan (D-Brooklyn) was active in pursuing companies that suffered serious breaches but did not initially notify customers. One of these was a large data broker called Choice Point. Brennan called for an immediate halt to state contracts with Choice Point after it was revealed that over 125,000 people, 9,000 of them New Yorkers, were the victims of a security breach at Choice Point. Over the course of several months, Brennan tracked other notable cases — and the results were startling. In just the first six months of 2005, over six million people were exposed to identity theft nationwide due to security breaches at large information brokers or financial institutions. Assemblymember Brennan said, “Until now, identity theft was often an unseen crime — though not a victimless one — because companies and the government did not need to notify New Yorkers when their information was stolen. Now New Yorkers will be notified, which makes turning a profit off of identity theft that much harder.”
The new law :
The bill was supported by Consumer’s Union, The Privacy Rights Clearinghouse and NYPIRG. All saw it as a great first step in preventing Identity Theft. The Privacy Rights Clearinghouse probably said it most clearly:
Early notice. . .means that if identity theft has already occurred, individuals can stop the bleeding. When identity theft cases are discovered early on, surveys show that victims are able to regain their financial health much more quickly. . .The “information security breach and notification act” is good public policy.
“All efforts to stop computer thefts of personal information must be pursued. This important law means prompt notification to individuals whose information is taken. Perhaps, as importantly, it should mean greater efforts by business and government to protect information from being taken in the first place. When you have thousands of New Yorkers victimized by identity thieves, and you can stop that, you have to do what’s right,” Assemblymember Brennan concluded.
|PUBLIC EYE #10 (December 2005) is the second in a series of updates from Assemblymember James Brennan detailing his work as Chair of the NYS Assembly Oversight, Analysis and Investigation Committee. Other issues will follow. The Committee is charged with reviewing implementation and adequacy of laws and programs to ensure compliance by the public and government agencies. Through its monitoring and investigative activities, it seeks to determine whether programs are operating as required and whether funds allocated for programs are spent effectively, efficiently and in accordance with legislative intent.|
New York State Assembly
[ Welcome Page ] [ Committee Updates ]