New York State Assembly

Bill No.:  

 
•  Summary 
 
•  Actions 
 
•  Committee Votes 
 
•  Floor Votes 
 
•  Memo 
 
•  Text 
 
•  LFIN 
 
•  Chamber Video/Transcript 

---

S06912 Summary:

BILL NO	S06912
SAME AS	SAME AS A08782
SPONSOR	CARLUCCI
COSPNSR
MLTSPNSR
Amd §899-a, Gen Bus L
Provides that if the person or business providing the notification was the source of the breach, an offer to provide appropriate identity theft prevention and mitigation services, shall be provided at no cost to the affected person for not less than 12 months, along with all information necessary to take advantage of the offer to any person whose information was or may have been breached if the breach exposed or may have exposed personal information.

Go to top    

---

S06912 Actions:

BILL NO	S06912
10/13/2017	REFERRED TO RULES
01/03/2018	REFERRED TO CONSUMER PROTECTION

Go to top

---

S06912 Committee Votes:

Go to top

---

S06912 Floor Votes:

Go to top

---

S06912 Text:

 
                STATE OF NEW YORK
        ________________________________________________________________________
 
                                          6912
 
                               2017-2018 Regular Sessions
 
                    IN SENATE
 
                                    October 13, 2017
                                       ___________
 
        Introduced  by Sen. CARLUCCI -- read twice and ordered printed, and when
          printed to be committed to the Committee on Rules
 
        AN ACT to amend the general business law, in relation to credit monitor-
          ing services
 
          The People of the State of New York, represented in Senate and  Assem-
        bly, do enact as follows:

     1    Section  1.  Subdivision  7  of section 899-aa of the general business
     2  law, as added by chapter 442 of the laws of 2005, is amended to read  as
     3  follows:
     4    7.  Regardless  of the method by which notice is provided, such notice
     5  shall include contact information for the person or business making  the
     6  notification  and  a  description  of the categories of information that
     7  were, or are reasonably believed to have  been,  acquired  by  a  person
     8  without  valid  authorization,  including  specification of which of the
     9  elements of personal information and private information  were,  or  are
    10  reasonably  believed  to have been, so acquired.  If the person or busi-
    11  ness providing the notification was the source of the breach,  an  offer
    12  to   provide   appropriate  identity  theft  prevention  and  mitigation
    13  services, shall be provided at no cost to the affected  person  for  not
    14  less  than  twelve  months, along with all information necessary to take
    15  advantage of the offer to any person whose information was or  may  have
    16  been  breached if the breach exposed or may have exposed personal infor-
    17  mation as defined in subdivision one of this section.
    18    § 2. This act shall take effect immediately.
 
 
 
         EXPLANATION--Matter in italics (underscored) is new; matter in brackets
                              [ ] is old law to be omitted.
                                                                   LBD13605-01-7

Go to top