On March 21, 2017, New York Attorney General (NYAG) Eric T. Schneiderman announced that his office had received a record breaking 1,282 data breach notices to his office affecting 1.6 million New York residents during 2016. Compared to 2015, these figures represent a 60 percent increase in the number of notices and a 300 percent […]
State Attorneys General
Nebraska Makes Changes to Data Breach Statute
Nebraska Governor Pete Ricketts has signed LB835 into law, updating the state’s data breach notification statute. The changes take effect on July 20, 2016. With the updates, Nebraska joins a growing number of states that include a username or email in combination with a password or security question and answer that would permit access to […]
Illinois Governor Vetoes Data Protection Bill; Suggests Revisions
Illinois Governor Bruce Rauner vetoed a bill amending the state’s data breach notification law on August 21, 2015, saying in a letter to the General Assembly that the bill “goes too far, imposing duplicative and burdensome requirements that are out-of-step with other states.” The bill, S.B. 1833, would have amended Illinois’ Personal Information Protection Act […]
RadioShack Agrees to Significant Limitations in Sale of Customer Data Following Pressure from State Regulators and the FTC
In what may become viewed as the de facto standard for selling customer information in bankruptcies, a Delaware bankruptcy court approved, on May 20, 2015, a multi-party agreement that would substantially limit RadioShack’s ability to sell 117 million customer records. The agreement was entered into by RadioShack Corp., General Wireless Inc., and 17 state attorney generals as […]