Ed Chau
- Democratic
Author
Existing law regulating consumer credit reporting agencies provides as its purpose to require, among other things, that these agencies adopt reasonable procedures for meeting the needs of commerce for consumer credit in a manner that is fair and equitable to the consumer with regard to the confidentiality of such information and in a manner that will best protect the interests of the people of the state. Existing law requires a person or business that owns or licenses computerized data that includes personal information to disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of California whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person, or, whose encrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person and the encryption key or security credential was, or is reasonably believed to have been, acquired by an unauthorized person and the agency that owns or licenses the encrypted information has a reasonable belief that the encryption key or security credential could render that personal information readable or useable. Existing law requires the disclosure to be made in the most expedient time possible and without unreasonable delay, as specified. Existing law authorizes any customer who is injured by a violation of these provisions to institute a civil action to recover damages. This bill would require a consumer credit reporting agency that owns, licenses, or maintains personal information about a California resident, or a 3rd party that maintains personal information about a California resident on behalf of a consumer credit reporting agency, that knows, or reasonably should know, that a computer system it owns, operates, or maintains, and for which it controls the security protocols, is subject to a security vulnerability that poses a significant risk to the security of computerized data within the system that contains personal information, to take certain measures to protect that data, including implementing software updates, if it knows or reasonably should know that a software update is available to address the security vulnerability, and employing reasonable compensating controls to reduce the risk of a breach caused by computer system vulnerability until the software update is complete, as specified.
Approved by the Governor.
Chaptered by Secretary of State - Chapter 532, Statutes of 2018.
Enrolled and presented to the Governor at 3 p.m.
Senate amendments concurred in. To Engrossing and Enrolling. (Ayes 80. Noes 0. Page 6830.).
In Assembly. Concurrence in Senate amendments pending. May be considered on or after August 29 pursuant to Assembly Rule 77.
Read third time. Passed. Ordered to the Assembly. (Ayes 39. Noes 0. Page 5817.).
Read second time. Ordered to third reading.
Read third time and amended. Ordered to second reading.
Read second time. Ordered to third reading.
From committee: Amend, and do pass as amended. (Ayes 5. Noes 2.) (August 16).
Read second time and amended. Ordered returned to second reading.
From committee: Do pass and re-refer to Com. on APPR. (Ayes 5. Noes 2.) (June 26). Re-referred to Com. on APPR.
In Senate. Read first time. To Com. on RLS. for assignment.
Read third time. Passed. Ordered to the Senate. (Ayes 57. Noes 15. Page 5585.)
Read second time. Ordered to third reading.
Read second time and amended. Ordered returned to second reading.
From committee: Amend, and do pass as amended. (Ayes 8. Noes 2.) (May 1).
Read second time and amended.
From committee: Amend, and do pass as amended and re-refer to Com. on JUD. (Ayes 9. Noes 1.) (April 17).
In committee: Hearing postponed by committee.
From printer. May be heard in committee February 10.
Read first time. To print.
| Bill Text Versions | Format |
|---|---|
| AB1859 | HTML |
| 01/10/18 - Introduced | |
| 04/19/18 - Amended Assembly | |
| 05/03/18 - Amended Assembly | |
| 08/17/18 - Amended Senate | |
| 08/22/18 - Amended Senate | |
| 08/31/18 - Enrolled | |
| 09/19/18 - Chaptered |
| Document | Format |
|---|---|
| No related documents. |
Data on Open States is updated periodically throughout the day from the official website of the California State Legislature.
If you notice any inconsistencies with these official sources, feel free to file an issue.