Proposed Law in CA Clarifies Breach Notification Rules

In SANS NewsBites' TOP OF THE NEWS, it is announced that a bill passed by the California State Senate details how government agencies and other organizations should notify consumers when their personal data have been compromised in a breach of security.

The chamber voted 30-7 in favor of the data breach notification bill, which requires notices to explain clearly what has happened and what people can do to protect themselves.

"Others have sugarcoated the news, or buried it in legal jargon, with the result that people don't understand their vulnerability to identify theft," said Sen. Joe Simitian, who introduced the bill. "No one likes to get the news that information about them has been stolen, but when it happens, people are entitled to get a notice they can understand and that helps them decide what to do next."

Simitian's bill follows a recommendation from a study by the Samuelson Law, Technology & Public Policy Clinic at the University of California at Berkeley School of Law, which said notices should be standardized.

For more information about the bill, see InformationWeek.