State Sen. Kevin Thomas (D) reintroduced the “New York Privacy Act” on Thursday. The bill, which has been referred to the state senate’s Consumer Protection Committee, would require companies to obtain consent from people before processing personal data, and allow consumers to get a list of entities that their information had been shared with.
It also would require companies to give people a copy of the data they have collected on them and give them the right to correct or delete that data. Thomas first introduced by the bill during the 2019-2020 session.
“Consumers should have a right to choose if and how their personal information is collected and used by companies,” Thomas said in a statement, adding: “And New Yorkers deserve to know that businesses who are collecting, processing, and protecting their personally identifiable information are doing so ethically and responsibly.”
The New York Privacy Act covers a lot of bases. Besides the ability for people to obtain, correct, or delete collected data, it also would require data brokers to register and pay a fee annually with the state’s attorney general. The registry would be available on the attorney general’s website.
Additionally, the bill specifically notes that companies would have to honor any privacy-specific options users have set up in their browser, browser plug-in, smartphone app, operating system, or device setting or any “other mechanism that communicates or signals the consumer’s choice not to be subject to target advertising or the sale of the personal data.”
Thomas’ bill is another example of states stepping up with data privacy bills in the absence of one at the federal level.