Councilman Ben Kallos on Thursday reintroduced two pieces of legislation on behalf of Manhattan Borough President Gale Brewer aimed at ensuring that New Yorkers' personal information is protected in interactions with city agencies.
The first piece of legislation, related to personal information privacy, directs agencies collecting personal information to inform individuals about the legal framework for gathering personal information, the purpose of gathering it and how it will be used, codifies that agencies may not use data for purposes without an individual's permission and that agency officials should only have access to that personal information that is necessary for their duties, and directs agencies to ensure the security and confidentiality of systems containing personal data.
The second piece of legislation, related to personal information security, directs all agencies maintaining personal information records to implement a security program that details administrative, technical and physical safeguards protecting that data.
Brewer originally introduced the first piece of legislation in 2010, and the second in 2011, but timing issues prevented them from moving forward, she said.
In an interview, Kallos said the legislation was intended as a proactive measure, especially in light of increasing reports of data breaches in the private sector.
"A lot of people aren't paying attention to what data they are sharing," he said. "City agencies should only be collecting information that is necessary for their task.... If someone is applying for SNAP benefits...the only people who need to know that are them and the person [they] are applying to."
He said the legislation would not prevent the gathering of anonymized, aggregated data for research purposes, and that it was mandating measures that the city "should be engaged in anyway."