Privacy & Information Security Law Blog

In a continuing effort to combat identity theft, New York recently enacted an amendment to the Penal Law making it a crime to impersonate another person or pretend to be a public servant by means of online communication.

Specifically, New York’s Internet impersonation law amends section 190.25 of the Penal Law by adding Subdivision 4, making it a crime to impersonate another person by electronic means, including through use of a website, with the intent to obtain a benefit or injure or defraud another person. It also prohibits using such electronic means to pretend to be a public ...

Massachusetts recently announced that it is extending the deadline for compliance with new state data security regulations. In consideration of the current economic climate, Massachusetts has extended its original compliance deadline of January 1, 2009. The new compliance deadline will be phased in. By May 1, 2009, companies that are subject to the regulations must generally comply with the new standards and must contractually ensure the compliance of their third-party service providers. In addition, by May 1, 2009, covered businesses must encrypt laptops containing personal information. By January 1, 2010, companies are required to have a written certification of compliance from their third-party service providers and must encrypt other company portable devices, such as memory sticks and PDAs.