California Senate again OKs breach notification law update

Share this article:

The California Senate has approved a bill that would update the state's pioneering data breach notification law, the lawmaker who introduced the legislation announced Friday.

The bill from Democratic Sen. Joe Simitian is a reintroduction of the same measure that he proposed last year, but which was ultimately vetoed by Gov. Arnold Schwarzenegger.

The current legislation, known as SB-1166, builds on the landmark 2003 breach notification bill, SB-1386, by requiring that breach notification letters also contain specifics around the data-loss incident, including the type of personal information exposed, a description of the incident, and advice on steps to take to protect oneself from identity theft. The law also would mandate that organizations that suffer a breach affecting 500 or more people must submit a copy of the alert letter to the state attorney general's office.

“This new measure makes modest but helpful changes to the law," Simitian said in a statement. "It will also give law enforcement the ability to see the big picture, and a better understanding of the patterns and practices developing in connection with identity theft."

He added that he believes, based on conversations with the governor's office, that Schwarzenegger will sign the bill this time.

Last October, Schwarzenegger, in a veto notice, said he decided to refuse the bill because there was no proof the additional information required by the legislation would actually help consumers. In addition, the governor said he saw no reason why the attorney general's office needed to become a "repository" of data breach notifications. However, no lobbying groups objected the proposal.

California has a history of taking the lead on consumer protection laws. SB-1386, which took effect July 1, 2003, required organizations that maintain personal information to notify customers in the event of a breach. Since then, 46 other states have followed suit, with Mississippi this week becoming the latest.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.