The proposed bill seeks to strengthen cybersecurity and consumer data protection in West Virginia by introducing two new articles: the Safe Harbor for Cybersecurity Programs and the Consumer Data Protection Act. It provides businesses with an affirmative legal defense against punitive damages in data breach lawsuits, contingent upon maintaining a written cybersecurity program that meets recognized industry standards. The bill also offers immunity to higher education institutions that conduct cybersecurity assessments for businesses. Additionally, it clarifies that no private cause of action is created under this article, thereby limiting the avenues for lawsuits related to cybersecurity compliance.
The Consumer Data Protection Act establishes a comprehensive framework for the management of personal data, detailing the responsibilities of data controllers and processors, and granting consumers rights to access, correct, delete, and manage their personal data. It mandates that controllers respond to consumer requests within 45 days and outlines conditions under which they may charge fees for excessive requests. The bill emphasizes the importance of consumer consent, particularly for sensitive data, and prohibits contractual provisions that limit consumer rights. Enforcement is primarily the responsibility of the Attorney General, who can impose civil penalties for non-compliance. Overall, the legislation aims to create a uniform and secure environment for data processing while enhancing consumer privacy rights.
Statutes affected: Introduced Version: 31A-8H-1, 31A-8H-2, 31A-8H-3, 31A-8H-4, 31A-8H-5, 46A-6O-1, 46A-6O-2, 46A-6O-3, 46A-6O-4, 46A-6O-5, 46A-6O-6, 46A-6O-7, 46A-6O-8, 46A-6O-9, 46A-6O-10, 46A-6O-11, 46A-6O-12, 46A-6O-13
Committee Substitute: 31A-8H-1, 31A-8H-2, 31A-8H-3, 31A-8H-4, 31A-8H-5, 46A-6O-1, 46A-6O-2, 46A-6O-3, 46A-6O-4, 46A-6O-5, 46A-6O-6, 46A-6O-7, 46A-6O-8, 46A-6O-9, 46A-6O-10, 46A-6O-11
Engrossed Committee Substitute: 31A-8H-1, 31A-8H-2, 31A-8H-3, 31A-8H-4, 31A-8H-5, 46A-6O-1, 46A-6O-2, 46A-6O-3, 46A-6O-4, 46A-6O-5, 46A-6O-6, 46A-6O-7, 46A-6O-8, 46A-6O-9, 46A-6O-10, 46A-6O-11