california data breach law

California Department of Justice/YouTube

California aims to strengthen data breach notification law

The announcement came Thursday evening.


Andrew Wyrich


Posted on Feb 21, 2019   Updated on May 20, 2021, 6:35 pm CDT

California lawmakers and officials on Thursday announced an update to a law that would make more robust requirements for companies to alert people to major data breaches.

California Attorney General Xavier Becerra and state assembly member Marc Levine (D) introduced the bill on Thursday evening.

The bill would update an existing California law that only requires companies to notify state victims if social security numbers, drivers licenses, and credit cards are involved in a data breach. Passport cards, green cards, and biometric information would be added to the law.

“We’ve learned a few things over the years,” Becerra said in a press conference Thursday. “We’ve seen what’s happened with some of these breaches, and we have more information now to help guide us.”

Becerra added: “We have an opportunity today to make that data breach law stronger, and that’s why we’re moving today to make it more difficult for those hackers, and those cybercriminals to not win in this game of getting your private information.”

The new bill comes on the heels of a data breach from Starwood Hotels that exposed names, addresses, and passport information for hundreds of millions of people.

Becarra said he hopes the bill will pass through the state’s legislature and be signed by the governor.

You can watch all of the remarks here.


Share this article
*First Published: Feb 21, 2019, 5:37 pm CST