Calif. breach notification bill going back to the governor

Share this article:

A California proposed bill that would update the state's pioneering data breach notification law is heading back to the governor's desk.

The bill from Democratic Sen. Joe Simitian is a reintroduction of the same measure that he proposed last year, but which was ultimately vetoed by Gov. Arnold Schwarzenegger.

The current legislation, known as SB-1166, has been approved by the California Legislature, Simitian announced Thursday. 

It builds on the landmark 2003 breach notification bill, SB-1386, by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident, and advice on steps to take to protect oneself from identity theft. The law also would mandate that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

“No one likes to get the news that personal information about them has been stolen,” Simitian said. “But when it happens, people are entitled to get the information they need to decide what to do next.”

The lawmaker has expressed confidence that Schwarzenegger will sign the bill this time around.

Last October, the governor, in a veto notice, said he decided to refuse the bill because there was no proof the additional information required by the legislation would actually help consumers. In addition, the governor said he saw no reason why the attorney general's office needed to become a "repository" of data breach notifications.

However, no lobbying groups objected the proposal.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.