Calif. breach notification bill going back to the governor

Share this article:

A California proposed bill that would update the state's pioneering data breach notification law is heading back to the governor's desk.

The bill from Democratic Sen. Joe Simitian is a reintroduction of the same measure that he proposed last year, but which was ultimately vetoed by Gov. Arnold Schwarzenegger.

The current legislation, known as SB-1166, has been approved by the California Legislature, Simitian announced Thursday. 

It builds on the landmark 2003 breach notification bill, SB-1386, by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident, and advice on steps to take to protect oneself from identity theft. The law also would mandate that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

“No one likes to get the news that personal information about them has been stolen,” Simitian said. “But when it happens, people are entitled to get the information they need to decide what to do next.”

The lawmaker has expressed confidence that Schwarzenegger will sign the bill this time around.

Last October, the governor, in a veto notice, said he decided to refuse the bill because there was no proof the additional information required by the legislation would actually help consumers. In addition, the governor said he saw no reason why the attorney general's office needed to become a "repository" of data breach notifications.

However, no lobbying groups objected the proposal.

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.