The New York State Legislature recently passed a new bill in order to strengthen its data breach policies. The new bill, dubbed as Stop Hacks and Improve Electronic Data Security Act (SHIELD), provides more transparency to consumers while also impose stringent penalties on companies without proper cybersecurity measures.
According to the Attorney General Letitia James, the SHIELD Act will update the state’s breach notification laws, expand the current notification requirements for companies, increase penalties for liable companies, and increase the rights of consumers in the event of a breach. The new bill imposes tough obligations on businesses that handle sensitive data of customers. The businesses are required to maintain reasonable data security measures in case they’re collecting personal data from the customers.
“Consumers deserve the peace of mind that their private information is secure,” said Attorney General Letitia James. “That’s why my office has been working hard this session to modernize our outdated laws governing data breaches. This bill is an important step forward providing greater protection for consumer’s private information and holding companies accountable for securing that data. I thank the sponsors of this bill, Senator Kevin Thomas and Assemblymember Michael DenDekker for their leadership in ushering this legislation through their respective chambers.”
“It is critical that our laws keep pace with the rapidly changing world of technology,” said State Senator Kevin Thomas.“I am proud to announce the passage of the SHIELD Act today, as it will allow for increased accountability and diligence in regards to consumer privacy. Now more than ever, it is important that businesses protect the private information of the consumers they serve.”
In order to boost cybersecurity and tackle next-generation cyber threats, the Singapore government recently updated the guidelines on data breach notification and accountability. Unveiled by the Personal Data Protection Commission (PDPC), the new guidelines are intended to help companies manage data breaches more effectively.
As per the new procedures, which are expected to be included in the upcoming data protection act, the companies in Singapore should not take more than 30 days to complete an investigation into a suspected data breach. The companies are also required to notify the authorities about the incident before 72 hours after discovering a data breach.
The PDPC stated the businesses are required to notify authorities if a breach affects more than 500 individuals. The data intermediaries also need to report potential data breaches to their parent organization within 24 hours after identifying a security incident.
Also, Vietnam lawmakers approved a new cybersecurity law that controls the Internet content and global tech companies operating in the country. The new cyber law, which came into effect on January 01, 2019, requires Facebook, Google, and other international tech firms to store local users’ data on local servers and set up offices in Vietnam.
The new law prohibits Internet users in Vietnam from spreading anti-government information and posting false information that could cause damage to the country. It also prevents the circulation of content that’s fake, slandering, or inciting violence.