If signed into law, a bipartisan bill sent by New Jersey legislators to Gov. Phil Murphy would expand data breach notification in the state, requiring companies to alert citizens to breaches of a wider range of personal identifiable information (PII), including user names, passwords, email addresses and security questions.

“When a data breach occurs and sensitive or confidential protected data is accessed or disclosed without authorization, we have a right to know,” Sen. Troy Singleton, D-Burlington, said after the bill he sponsored advanced from committee last year. “This bill’s notification requirement puts consumers on alert to monitor for potential identity theft and helps them to quickly change online account information and prevent outside access to the account.  This bill will bolster consumers’ rights to privacy and protection and instill a greater sense of security.”

Bill S-52 is one of a handful of initiatives that New Jersey lawmakers have proposed to bolster security and privacy. The legislature is also expected to mull A-3541, which will would require companies to alert customers to a breach within five days of discovering it.  A GDPR-like bill, S-2834, also sponsored by Singleton, would compel companies to inform users of their data collection practices and how information is shared.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.