1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

California introduces proposal to expand data breach notification law

By Cal Jeffrey
Feb 22, 2019
Post New Reply
  1. California is introducing new legislation that expands on current data breach notification requirements. State Attorney General Xavier Becerra announced the proposed bill on Thursday.

    Drafted by Becerra an Assemblyman Marc Levine, the law will require companies to notify customers if their biometric data or passport numbers have been compromised. Existing legislation passed in 2003 only holds health insurance information, medical data, credit card, driver’s license, and social security card numbers as being “personal information.”

    Becerra says the bill would expand the current protections. The proposal was prompted by the Marriott/Starwood breach last November in which hackers stole over 500 million customer records including 25 million passport numbers.

    AB 1130 will increase our efforts to protect consumers from fraud and affirms our commitment to demand the strongest consumer protections in the nation.

    “Knowledge is power, and all Californians deserve the power to take action if their passport numbers or biometric data have been accessed without authorization,” said the California AG. “We are grateful to Assemblymember Levine for introducing this bill to improve our state’s data breach notification law and better protect the personal data of California consumers. AB 1130 closes a gap in California law and ensures that our state remains the nation’s leader in data privacy and protection.”

    Becerra notes that while Marriott did notify customers of the Starwood breach as required by law, he is not so sure that would have been the case if it were only the 25 million passport numbers that went missing, which are not currently required to be reported.

    Identity theft and fraud are on the rise with millions of records being sold on the dark web every day. With so many companies controlling consumers' digital fingerprints, both figuratively and literally, lawmakers view the disclosure of breaches to that information of the most vital importance. The public must be allowed to know there are real or potential bad actors accessing their data so they can take immediate action.

    Permalink to story.

  2. Cycloid Torus

    Cycloid Torus Stone age computing - click on the rock below.. Posts: 4,067   +1,190

    Yeah, I should know about it when they steal my fingerprints and irises and send me (virtually) to Siberia.

    A cyber 'where's waldo?'

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...