The State Legislature approved State Senator Joe Simitian´s (D-Palo Alto) SB 20, a bill to strengthen and update California´s landmark privacy protection law. The bill now goes to the Governor, who has until October 11th to sign or veto the legislation.
SB 20 builds on previous legislation authored by Simitian, AB 700 (2002), which required any company or business that loses unencrypted personal information to send a security breach notification letter to consumers whose privacy was compromised. In the years since Simitian´s original privacy protection law, the measure has been widely praised, and more than 40 states have adopted similar legislation.
If signed into law, SB 20 would strengthen that protection by requiring that the notification letters contain specific information designed to help victims safeguard their privacy. This includes the type of personal information exposed, a description of the incident, and when it took place. “Experience over the past half dozen years indicates that too often the information received is confusing, not clarifying,” said Simitian. “SB 20 ensures that notice of a security breach will be genuinely helpful to consumers,” he said.
Read more on California Chronicle.