California Senate again OKs breach notification law update

Share this article:

The California Senate has approved a bill that would update the state's pioneering data breach notification law, the lawmaker who introduced the legislation announced Friday.

The bill from Democratic Sen. Joe Simitian is a reintroduction of the same measure that he proposed last year, but which was ultimately vetoed by Gov. Arnold Schwarzenegger.

The current legislation, known as SB-1166, builds on the landmark 2003 breach notification bill, SB-1386, by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident, and advice on steps to take to protect oneself from identity theft. The law also would mandate that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

“This new measure makes modest but helpful changes to the law," Simitian said in a statement. "It will also give law enforcement the ability to see the big picture, and a better understanding of the patterns and practices developing in connection with identity theft."

He added that he believes, based on conversations with the governor's office, that Schwarzenegger will sign the bill this time.

Last October, Schwarzenegger, in a veto notice, said he decided to refuse the bill because there was no proof the additional information required by the legislation would actually help consumers. In addition, the governor said he saw no reason why the attorney general's office needed to become a "repository" of data breach notifications. However, no lobbying groups objected the proposal.

California has a history of taking the lead on consumer protection laws. SB-1386, which took effect July 1, 2003, required organizations that maintain personal information to notify customers in the event of a breach. Since then, 46 other states have followed suit, with Mississippi this week becoming the latest.

Share this article:

Sign up to our newsletters

More in News

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.

EFF asks court to find NSA internet spying a violation of Fourth Amendment

EFF asks court to find NSA internet spying ...

Complete with a colorful graphic, the EFF showed a federal court how the NSA essentially runs a digital dragnet that can pick up innocent Americans.

Study: Asian Android users at higher risk of malware exposure

Cheetah Mobile's new study showed that Asian Android users have a two to three times greater risk of downloading malware onto their devices.