An amendment to New Jersey’s data breach notification requirements of the Consumer Fraud Act is currently awaiting signature by State Governor Phil Murphy. The bill, Assembly No. 3245, was recently passed by both the New Jersey Senate and Assembly. If signed into law as expected, the amendment will expand the definition of personal information to include “user name, email address, or any other account holder identifying information, in combination with any password or security question and answer that would permit access to an online account.” In turn, it would require businesses to notify consumers of online account security breaches – thereby eliminating a business’s ability, under the current law, to avoid notifying consumers when there is a breach of online information. The bill’s statement indicates that its purpose is to provide consumers with the opportunity to quickly change online account information to prevent outside access to online accounts, and to put consumers on notice to monitor for potential identity theft.
Posts from March 2019.