Wednesday, April 24, 2019

Washington's privacy bill seems dead, but a data security bill passes

Privacy and data security law are essentially moving targets.  Take for example recent events in the state of Washington.

Last month, I wrote about a bill introduced in the state legislature of Washington that would mimic the California Consumer Privacy Act, but would be even more strict in some cases. 

It has been a rollercoaster ride for the bill's sponsor and supporters.  The bill originally enjoyed overwhelming support in the Senate, but later, after stalling in a House committee, the bill seemed dead; the state's Chief Privacy Officer thought the bill was doomed. 

Just days later, a data security bill was approved by the legislature and presented to the Governor for signature.  (It seems likely that the data security bill is being adopted instead of the privacy bill.)

As amended, the data security bill will:

  • expand the definition of "consumer information" for purposes of triggering the breach notification requirements;
  • address breaches that specifically involve usernames and passwords;
  • provide a 30-day notification timeframe; and
  • add information to be included in breach notifications.

You can read the data security bill here.


1 comment:

  1. This is really interesting blog on Data protection law india, You are a very skilled blogger. I've joined your rss feed and look forward to seeking more of your excellent post. Also, I've shared your web site in my social networks! Thank You!!!

    ReplyDelete