Skip to main content

Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About
Trending Topics
    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Entertainment & Media
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor, Employment, and Benefits
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations
    Industries

    View All

    • Aviation
    • Cannabis
    • Consumer
    • Energy
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Nonprofit Organizations
    • Real Estate
    • Sports & Stadiums
    • Technology
    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Environmental, Social, and Governance (ESG)

      We help clients create positive return on investments in people, products, and the planet.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    • Women in Dealmaking

      We provide strategic counsel on complex corporate transactions and unite dynamic women in the dealmaking arena.

    1. Home
    2. Insights
    3. Videos
    4. What companies should know about the New York SHIELD Act

      Videos

    What companies should know about the New York SHIELD Act

    May 31, 2023

    LinkedInX (Twitter)EmailCopy URL

    By Christopher Mason, Jenny Holmes and Jason Kravitz

    Regulators across New York are actively enforcing the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or the Act) and imposing hefty penalties on companies that fail to comply. Chris Mason breaks down the unique requirements of this Act and what it means for businesses in New York and beyond.

    Welcome to another episode of A Little Privacy, Please!® We’re delighted to welcome our guest today, Chris Mason, a complex commercial disputes partner resident in Nixon Peabody’s New York City office. Chris is head of the firm’s Class Actions team, an active member of our Cybersecurity & Data Privacy team, and a go-to colleague on the latest trends and technologies. He represents consumer products, technology, financial services, private equity, and industrial companies in litigation and complex disputes.

    Chris is currently tracking enforcement actions taking place under the SHIELD Act. He’ll share more about what your business should know about this important regulation.

    Chris, tell us about the New York SHIELD Act.

    The New York SHIELD Act is the Stop Hacks and Improve Electronic Data Privacy Act. It’s been in effect for a number of years in New York, and it’s our basic breach statute. It involves a situation where there’s a breach of personal information by a company. The Act requires that people be given notice of it in most instances, and there are penalties for companies that don’t give notice and there are penalties for companies that don’t have adequate protections to prevent breaches of personal and private information. The Act is different than that in some other states because it is uniquely for our attorney general. It does not have a private right of action, so it’s not, for example, like California’s CCPA (California Consumer Privacy Act), and you’ll think that’s a good thing, and it is on average. I just have to warn you that doesn’t mean that there are no private lawsuits in New York that are sometimes based on that Act.

    Who should be aware of this regulation, and what happens if someone doesn’t comply with it?

    Every business in New York needs to be aware of the regulation and nonprofit entities as well. If you have a breach and you don’t respond to it appropriately, the good thing is there’s a mechanism on the attorney general’s website for reporting. However, if you don’t do that correctly, you’re going to be subject to sanctions that can range from a few dollars up to $250 thousand. And in addition, if you don’t have adequate security for personal and private information, then you’re going to get a fine that could be up to $500 thousand per instance of violation.

    Is there maybe one thing that you can recommend that a New York business should do in order and try to comply with it?

    What you really have to do is examine your cybersecurity at the physical, online, and data security levels. Do each of those things and make sure you’re taking reasonable steps to protect the private information of the people with whom you deal.

    A Little Privacy, Please!

    Locations

    New York City

    Practices

    Cybersecurity & PrivacyComplex DisputesClass Actions & Aggregate Litigation

    Insights And Happenings

    • Video

      Cyber war games with Sarah Gosler

      Cybersecurity & Privacy
      July 31, 2023
    • Video

      The next generation of privacy lawyer

      Cybersecurity & Privacy
      July 25, 2023
    • Video

      HR's role in cybersecurity

      Cybersecurity & Privacy
      July 18, 2023
    The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • Cookie Preferences
    • Privacy Policy
    • Terms of Use
    • Accessibility Statement
    • Statement of Client Rights
    • Purchase Order Terms & Conditions
    • Nixon Peabody International LLC
    • PAL
    © 2025 Nixon Peabody. All rights reserved