Viewpoint Home Viewpoint Home SAI Global Compliance

Lisa J. Sotto
Hunton & Williams

Ms. Sotto is a partner in the New York City office of Hunton & Williams. She concentrates her practice on privacy and information management issues. She assists clients in identifying, evaluating and managing risks associated with privacy and information security practices of companies and third parties and conducts all phases of privacy and data protection assessments and information security audits. She further advises clients on the Gramm-Leach-Bliley Act, HIPAA, COPPA, CAN-SPAM and other U.S. state and federal privacy requirements (including HR requirements); the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA); and global data protection laws (including those in the EU and Latin America).
Lisa J. Sotto's Recent Entries

Learn more about other SAI Global advisors »

SAI Global Compliance

New York Makes Internet Impersonation a Crime

by Lisa J. Sotto, Jan 06, 2009

In a continuing effort to combat identity theft, New York recently enacted an amendment to the Penal Law making it a crime to impersonate another person or pretend to be a public servant by means of online communication. Specifically, New York’s Internet impersonation law amends section 190.25 of the Penal Law by adding Subdivision 4, making it a crime to impersonate another person by electronic means, including through use of a website, with the intent to obtain a benefit or injure or defraud another person. It also prohibits using such electronic means to pretend to be a public servant in order to induce another person to submit to false authority or to act in reliance on that false pretense.

Internet impersonation is a Class A misdemeanor and carries a maximum penalty of a $1,000 fine and a one-year term of imprisonment for each violation or act of impersonation. The new law became effective on November 1, 2008.

Scope of the Law

The Memorandum accompanying the New York State Assembly bill states that the purpose of the new law is to deter perpetrators who, with intentions ranging from harassment to identity theft, gain access into another person’s account and pose as them through the use of online communications. The scope of activities the new law covers may be even broader than its stated purpose, however. By its plain language, the law applies to any person or entity who impersonates another person on the Internet with the “intent to obtain a benefit or injure or defraud another.” This would cover social networking sites, such as MySpace, Friendster and Facebook, that make it easy to upload someone else’s photo and pretend to be that person. The new law is intended to “deter the plethora of cases” of “misrepresenting oneself through the use of the Internet.”

Have a comment?