In The News

NY Data Security Law Boosts Liability as Cyberattacks Surge


16 Apr 2020

Kristen Mathews spoke to Law360 for an article covering New York’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act), that requires companies to fortify their data security programs, significantly expanding businesses’ liability risks and forcing them to take a look at how they’re protecting personal data at a time when hackers are seizing on the coronavirus pandemic to launch a fresh wave of attacks.

According to Kristen, the attorney general is most likely to act in instances where “a business has had a data breach or has suffered a cybersecurity vulnerability that has become public.”

Kristen also noted that the law includes the novel requirement for businesses to dispose of sensitive personal information within a reasonable amount of time after it is no longer needed for business purposes, a task that “may present a challenge for businesses that retain records in filing cabinets, archival tapes, and in unstructured digital formats.”

Read the full article.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.