On January 12, 2015, President Obama introduced the Personal Data Notification & Protection Act to preempt state data breach notification laws. Presently, some 47 states have enacted data breach notification statutes which call upon firms whose data has been hacked or breached to give notice to those whose PII may be affected or compromised. The administration’s legislation would preempt all of those state statutes, so that firms do not have to adhere to fifty different sets of requirements, imposing instead a single federal notice requirement. The proposed legislation does not appear likely to impose or change the standards for liability for data breaches. A more comprehensive article on the proposed legislation is available here.</p
On January 12, 2015, President Obama introduced the Personal Data Notification & Protection Act to preempt state data breach notification laws. Presently, some 47 states have enacted data breach notification statutes which call upon firms whose data has been hacked or breached to give notice to those whose PII may be affected or compromised. The administration’s legislation would preempt all of those state statutes, so that firms do not have to adhere to fifty different sets of requirements, imposing instead a single federal notice requirement. The proposed legislation does not appear likely to impose or change the standards for liability for data breaches. A more comprehensive article on the proposed legislation is available here.
- Partner
Karen Painter Randall, formerly Certified by the Supreme Court of New Jersey as a Civil Trial Attorney and a partner at Connell Foley LLP, where she chairs the Cybersecurity, Data Privacy, and Incident Response Group. With extensive ...