New Jersey Data Privacy and Cyber Security: Survey of Pending Legislation

Financial Institutions and Insurance Law Alert

Introduction

This Alert identifies bills currently pending before the United States Congress and the New Jersey state legislature that address “data privacy” and “cyber security” – two concepts that are similar, but distinct. To appreciate the intersections and distinctions between “data privacy” and “cyber security,” it is helpful to review what these words mean. To do so, it is perhaps apropos to turn to data giant Google for the pertinent, everyday definitions (none of which are controversial).

According to Google’s dictionary, “Data” means “facts and statistics collected together for reference or analysis.” “Privacy” is “the state or condition of being free from being observed or disturbed by other people.” Google defines “Cyber” as “relating to or characteristic of the culture of computers, information technology, and virtual reality.” Last, “Security” is “the state of being free from danger or threat.”

With these concepts in mind, it is possible to imagine the various “facts and statistics” that we take for granted each day – and that we willingly turn over to those who observe or disturb us. As one might presume from the recent deluge of bills and proposed rules (introduced below), these “facts and statistics” have great value to many observers and disturbers. It follows that, with the advent of the culture of computers, information technology, and virtual reality, one need not look far to realize that companies and individuals are ripe targets for danger and threat. For New Jersey businesses, the proposed rules and laws discussed below should jumpstart introspection about whether or not you are low-hanging fruit for a data breach – and the epic penalties such incidents portend.

To read the full alert, please click here.