Page of | Results - of

Main image for news
Insight

New Jersey Enacts Sweeping Data Privacy Law, Targets Selling of Personal Information

By David Finz, Alliant Specialty Claims

New Jersey recently became the 13th state to enact a comprehensive data protection law, going beyond breach notification to encompass standards for the collection, sharing and disposal of data.

The legislation seeks to crack down on the use of personal information by so-called “data brokers,” requiring businesses who trade in such data to provide an opt-out mechanism to consumers that is clear and conspicuous. Consumers will also have a right to know what data is being held on them, so that they can correct or delete any incorrect information. Such businesses must limit the collection of personal data to what is relevant to the conduct of their business, and they must notify consumers of the specific purposes for which their data is being processed. Importantly, this includes consumer financial data. The law applies to organizations that hold data on at least 100,000 individuals; for those that generate revenue from such data, the threshold is lowered to 25,000 persons. Data that is processed solely for the purpose of completing a business transaction is exempt from the new requirements.

What is perhaps most striking about the new law is the “Universal Opt-Out Mechanism,” which allows consumers to opt out of not only targeted ads and the sale of their data, but also user profiling. Businesses cannot collect personal data on children between the ages of 13 and 16 unless they affirmatively opt-in to the collection of such data.

Do businesses need to take any action?
Businesses should review their current data collection practices with privacy counsel to determine what steps they need to take to remain in compliance with this new law. Companies should also expect underwriters to scrutinize data collection practices even more closely at their upcoming cyber insurance renewals.

Following just behind New Jersey, a similar bill just passed both houses of the New Hampshire legislature and currently awaits the governor’s signature. If the bill is signed into law, New Hampshire will become the 14th state with its own data protection statute, making passage of a federal law more challenging.

How Can Alliant Help?
Alliant Specialty Claims is ready to engage with your organization today, to assist you in identifying and realizing your risk management objectives. Our multi-disciplinary team accomplishes this through our accelerated model of engagement, prioritization and targeted results. Reach out today to begin your journey toward optimized insurability outcomes, enabled by Alliant Specialty Claims.

 

Alliant note and disclaimer: This document is designed to provide general information and guidance. Please note that prior to implementation your legal counsel should review all details or policy information. Alliant Insurance Services does not provide legal advice or legal opinions. If a legal opinion is needed, please seek the services of your own legal advisor or ask Alliant Insurance Services for a referral. This document is provided on an “as is” basis without any warranty of any kind. Alliant Insurance Services disclaims any liability for any loss or damage from reliance on this document.