Recent Changes to New Jersey’s Daniel’s Law Could Create Risks

Recent Changes to New Jersey’s Daniel’s Law Could Create Risks

New Jersey’s Daniel’s Law, which has been in effect since July 20, 2023, greatly strengthens privacy protections in the state. However, according to an article in Risk Management Magazine, new amendments pose significant challenges for businesses. 

The law was initially created in response to the 2020 murder of Daniel Anderl, the son of Federal Judge Esther Salas, and has since been expanded to safeguard the personal information of judges, law enforcement officers, child protective services investigators, prosecutors, and their immediate relatives.

Under the law, authorized individuals can request the removal of personal information from the Internet and other public domains. These requests must be fulfilled within 10 days, with failure to comply resulting in substantial civil penalties, including actual damages of at least $1,000 per violation, punitive damages for willful breaches, and litigation costs. The law broadly defines disclosure and includes actions such as soliciting, selling, posting, and distributing protected information, thereby covering nearly any use of such information.

Because the law applies to any person or entity, the result has been extensive litigation. Businesses across the country, including those with robust privacy policies, have been targeted in nearly 150 lawsuits, some facing claims involving tens of millions of dollars in damages. Many lawsuits stem from mass email campaigns requesting nondisclosure, which often do not explicitly mention Daniel’s Law but reference other public laws.

The article highlights how the recent amendments to Daniel’s Law have heightened the legal risks for businesses. These changes removed the requirement for approval from the Office of Information Privacy before submitting notice requests, introduced the concept of an assignee who can seek protections on behalf of an authorized person, and expanded the scope of civil liability damages. This means businesses must now act even more swiftly and thoroughly to comply with nondisclosure requests or face severe financial repercussions.

The risks for businesses are significant. The short compliance period, expansive definition of disclosure, and high potential damages create a challenging environment. Companies must be prepared to quickly identify and respond to nondisclosure requests to avoid litigation. 

Given the law’s broad scope and evolving nature, the article suggests businesses must implement effective internal policies to ensure compliance and mitigate risks. Keeping abreast of legal developments is crucial to navigating the complexities and protecting against the substantial legal and financial consequences of noncompliance with New Jersey’s Daniel’s Law.