Vermont’s Breach Notice Obligations for Data Brokers Take Effect

By Richard NewmanJanuary 3, 2019

Vermont’s recent data broker legislation mandates that registration must take place prior to January 31, 2019.

The law defines a “data broker” as a business that “knowingly collects and sells or licenses to third parties the brokered personal information of a consumer with whom the business does not have a direct relationship.” Data brokers must maintain a record of “data broker breaches” and provide such information, as well as information about business operations, on an annual basis to the state as part of a new registration process.

Data brokers – businesses that aggregate data on individuals and sell or license it – will now have to set forth how they permit individuals to opt-out of having information collected, stored or disseminated. Data brokers will also have to, without limitation, develop and maintain comprehensive information security programs, train employees on computer security, encrypt transmitted records containing personal data sent across public networks.

Data broker breaches are defined more broadly that just “personal information.” For broker breaches, personal information also includes name, address, date of birth, place of birth, mother’s maiden name, and name or address of family members. The “broker breach” definition (i.e., when there is a duty to notify the state) imposes notice obligations when there is an unauthorized acquisition.  It does, however, contain encryption and good faith exceptions.

Takeaway: Marketers must bear in mind the law’s disclosure requirements for data brokers lay the foundation for a “deceptive act.” It requires notifying the state about a broader category of data breaches than what currently exists under the general breach notice obligations. Data brokers must register with state by end of January and national brokers should assume that they hold Vermonters’ data.

Informational purposes only. Not legal advice.

Other Stories You Might Like

3 Steps to Create Warm Leads for Your Sales Team
May 20, 2019, 4:14 pm

7 Inbound Marketing Techniques for a Successful Lead Generation Campaign – Infographic
May 6, 2019, 8:00 am

10 Ways a Facebook Group Can Increase Lead Generation
May 3, 2019, 8:00 am

Lead Generation and Nurturing: Where Are the Inflection Points Between ‘Give’ and ‘Ask’ for Your Brand?
May 2, 2019, 8:00 am

5 Quick Content Marketing Tactics for Fintech Lead Generation
May 1, 2019, 1:52 pm

The Beginner’s Guide to Direct-to-Consumer Marketing
April 30, 2019, 12:56 pm

4-Step Lead Generation Analysis to Optimize Sales Conversion
April 23, 2019, 8:00 am

Using Twitter Lead Generation Cards to Build Your Email Subscriber Lists
April 16, 2019, 11:03 am

5 Ways to Use AI to Make Your PPC Ads More Effective
April 10, 2019, 8:00 am

A Guide to Using Infographics for Lead Generation [Infographic]
April 9, 2019, 7:40 am

© 2019 Access Intelligence, LLC – All Rights Reserved. ||