California Senate again OKs breach notification law update

Share this article:

The California Senate has approved a bill that would update the state's pioneering data breach notification law, the lawmaker who introduced the legislation announced Friday.

The bill from Democratic Sen. Joe Simitian is a reintroduction of the same measure that he proposed last year, but which was ultimately vetoed by Gov. Arnold Schwarzenegger.

The current legislation, known as SB-1166, builds on the landmark 2003 breach notification bill, SB-1386, by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident, and advice on steps to take to protect oneself from identity theft. The law also would mandate that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

“This new measure makes modest but helpful changes to the law," Simitian said in a statement. "It will also give law enforcement the ability to see the big picture, and a better understanding of the patterns and practices developing in connection with identity theft."

He added that he believes, based on conversations with the governor's office, that Schwarzenegger will sign the bill this time.

Last October, Schwarzenegger, in a veto notice, said he decided to refuse the bill because there was no proof the additional information required by the legislation would actually help consumers. In addition, the governor said he saw no reason why the attorney general's office needed to become a "repository" of data breach notifications. However, no lobbying groups objected the proposal.

California has a history of taking the lead on consumer protection laws. SB-1386, which took effect July 1, 2003, required organizations that maintain personal information to notify customers in the event of a breach. Since then, 46 other states have followed suit, with Mississippi this week becoming the latest.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.