Jump to main content
NY.gov Portal State Agency Listing
DOS, Consumer Protection logo DOS Home | About Us | Contact Us | Site Index | En Español | FOIL
Andrew M. Cuomo - Governor          
Consumer Topics A-Z Accessibility Disclaimer Privacy Policy
Information Privacy
CPB Depty Executive Director Lisa Harris-Eglin speaking at a podium with a projected screen featuring the CPB's logo

Information privacy is a key component of the New York State Consumer Protection Board's (CPB) mission. The Agency has created and distributed resources to educate the public, influence public policy, and assist individual consumers and businesses in addressing and mitigating the risks associated with the misuse of personally identifying information.

Think Privacy and Make Privacy Your Policy

The CPB urges consumers and businesses to "Think Privacy" by issuing help columns and tips on topics such as limiting the public display of Social Security numbers (SSNs), protecting the personal identity of deceased loved ones, and managing and responding to data security breaches.

In 2009, the CPB launched its "Make Privacy Your Policy" program which assists consumers in safeguarding their privacy online while playing games, booking travel, communicating through social networking sites, and engaging in other Internet-based activities. The initiative offers consumers guidance as they navigate websites and helps them identify whether their privacy might be compromised online. The program was supplemented with additional consumer guidance on supermarket discount cards ("Make Supermarket Privacy Your Policy") and business guidance related to data management ("Make Customer Privacy Your Policy.")

Behavioral Targeting

In the past year, the CPB held discussions with Google, Yahoo, and the Blue Kai data exchange to express constituent interests about the behavioral targeting practices of these companies - - especially those practices which utilized the sensitive data of children. Behavioral targeting uses information collected from an individual's web-browsing behavior and activities to deliver relevant advertisements to that individual.

The CPB also submitted comments to the Federal Trade Commission (FTC) in support of its "Exploring Privacy" workshop series, voicing the privacy concerns of New York residents relating to behavioral tracking and advertising, especially the collection and use of sensitive data and data about children. The CPB encouraged the FTC to promote a dialogue between industry and privacy advocates to bridge differences. The FTC agreed to include a special panel on children's data in its "Exploring Privacy" series and to consider special rules for the handling of children's sensitive information.

Social Security Number Protection -- Enterprise Policy

The CPB collaborated with the NYS Chief Information Officer & Office for Technology (CIO/OFT) and the NYS Office of Cyber Security & Critical Infrastructure Coordination (CSCIC) to provide guidance to State agencies required to comply with Section 96-A of the Public Officers Law (POL) relating to the collection and use of SSNs. The law became effective on January 1, 2010. This effort complemented the CPB's guidance offered to businesses complying with the Gerneral Buisness Law provisions dealing with the usage and display of Social Security numbers.

FTC and the Red Flags Rule

The CPB partnered with the FTC, the Center on Law and Information Policy of Fordham Law School, the New York City Department of Consumer Affairs, and others to sponsor a free, full-day identity theft workshop in New York City on April 29, 2009. The Chairperson and Executive Director offered opening remarks and CPB staff served on panels. Workshops provided a comprehensive approach to help businesses prevent identity theft and maintain data security. Experts discussed subjects including data security practices that deter identity thieves from obtaining personal information to open or access accounts, and telltale signs -- or red flags -- suggesting that thieves may be trying to use personally identifying information that they have already acquired. The CPB has advised small businesses on compliance issues and continues to maintain updated guidance about the Red Flags Rules on its website.

Data Privacy Day

On January 28, 2010, government officials, privacy professionals, academics, legal scholars, representatives of international businesses, and others from across the United States and 27 European countries observed Data Privacy Day. The CPB focused on the growing problem of medical identity theft -- what it is, what to look out for, how to avoid it, and ways to fight back. The CPB  was recognized internationally and by the Governor for also launching an "Exercise Your Options" initiative which informs consumers about privacy options, such as opting out of "pre-approved" offers, reducing telemarketing calls by signing up for the Do Not Call Registry, monitoring their credit history by obtaining free credit reports, and more.

Last Modified: September 14, 2010