New Jersey Assembly Democrats:Assembly Panel Clears Caputo & Murphy Bill Requiring Disclosure of Online Security Breaches

FOR RELEASE                                                                   CONTACT
12/3/2018                                                                              Press office
                                                                                         (609) 847-3500

Assembly Panel Clears Caputo & Murphy Bill Requiring Disclosure of Online Security Breaches

Bill is in Response to Recent Data Breaches of Big Name Companies


In the wake of the Marriott/Starwood Hotels data breach which may have exposed personal information of up to 500 million guests, a bill sponsored by Assembly Democrats Ralph Caputo and Carol Murphy that would require consumers to be notified of online account security breaches was approved Monday by an Assembly panel.

Current law requires businesses and public entities that compile digital information to notify consumers of breaches involving personal information, such as Social Security numbers, driver's license numbers, or credit and debit card information.

This bill (A-3245) would amend those standards to include usernames, email addresses, and any passwords or security questions and answers that would permit access to an online account.

Under the measure, if breaches occur, consumers would have the opportunity to change their online account information quickly and monitor for potential identity theft, according to Caputo.

"Protecting the security of online accounts is important for consumers, as a breach of security of these accounts can lead to the compromise of personal information and expose consumers to identity theft," said Caputo (D-Essex). "If an individual's personal information has become unwillingly available to someone else, they have the right to know as quickly as possible."

Data breaches happen almost daily. The latest high-profile breach impacted customers of Starwood Hotels and Resorts, a subsidiary of Marriott International. The company announced last week that an unauthorized party had access to the Starwood guest reservation database for four years. The database contained guest information which includes names, addresses, phone numbers, email addresses, passport numbers, date of birth, reservation dates, and credit and debit card information.

Other large companies like Yahoo!, Ebay, Equifax, and Target have been victims of data breaches in the past several years.

"Data breaches are an unfortunate side effect of the technological age in which we live. The reality is, many people give out their personal information when shopping or doing business online without a second thought," said Murphy (D-Burlington). "When those breaches inevitably occur, we have to make sure those potentially impacted have the chance to take steps to secure their information."

The Assembly Financial Institutions and Insurance Committee approved the bill; it will now go to the Assembly Speaker for further consideration. If signed into law, New Jersey would join six other states in implementing such legislation.
On the Net:
The Assembly Democratic Office Web site
NJ Assembly Dems on YouTube
NJ Assembly Dems on Vimeo
NJ Assembly Dems on Facebook
NJ Assembly Dems on Twitter
NJ Assembly Dems e-mail alerts