Thursday, July 2, 2009

Two Important CA Privacy Bills One Step Closer to Governor's Desk

I occasionally like to provide descriptions and updates here regarding some of the most important California specific privacy protection bills we (Consumer Federation of California) are working on this year and how they are progressing in the Legislature.

Today I'll stick with just two. Click here to check out all of them.

Assembly Bill 943 (Mendoza) - Credit Reports

AB 943 (Mendoza) would prohibit a prospective employer from using consumer credit reports in the hiring process. The bill provides exceptions in cases when the job duties include access to cash or other financial assets, when the job is in law enforcement and in other narrow areas. An employer should not have any right to obtain confidential information that is not germane to a prospective employee’s job.

Credit reports do not have predictive value in determining a worker’s ability to perform job duties, but a bad credit report might unfairly influence a hiring employer’s attitude toward a job applicant. Unemployed workers are more likely to have suffered some downgrading of their credit score due to the circumstances of their unemployment; hence reliance on credit reports as a factor in hiring decisions might adversely impact those most in need of a job.

Credit reports are often inaccurate, and could unfairly bias an employer. Correcting mistaken information in a credit report is a tedious, time consuming process, and in the meantime, the job applicant is harmed due to errors by credit reporting entities. We therefore, are urging the Legislature to protect the financial privacy of Californians from unwarranted snooping by prospective employers by voting Yes on AB 943.

Bill Status...Good News: AB 943 (Mendoza) passed the the Senate Labor and Industrial Relations Committee by a vote of 4 to 2 on June 25th along party lines. The bill passed the Assembly floor by a vote of 49 to 30 on May 28th. AB 943 has been referred for hearing by the Senate Judiciary Committee on July 7th.

Click here to read the Assembly Analysis of the bill.

Senate Bill 20 (Simitian) - Data Breach Notifications

SB 20 would amend California's security breach notification law stating that any public agency, person or business required to issue a security breach notification to more than 500 residents must submit the notification electronically to the Attorney General.

This measure also requires that the notification be written in plain language and include contact information regarding the breach, the types of information breached, and the date, estimated date, or date range of the breach.

Additionally, SB 20 would amend the substitute notice provisions of California's security breach notification law to require that an entity providing substitute notice also provide notice to the Office of Information Security and Privacy Protection.

California’s current security breach notification law does not require public agencies, businesses, or persons subject to that law to provide any standard set of information about the breach to consumers. As a result, security breach notification letters often lack important information - such as the time of the breach or type of information that was breached - or are confusing to consumers.

This leaves consumers uncertain about how to respond to the breach or protect themselves from identity theft. SB 20 makes relatively modest but helpful changes to the current security breach notification statutes to enhance consumer knowledge about, and understanding of, security breaches.

For these reasons, we support SB 20, and have been urging the Legislature to do the same.

Bill Status...more good news: SB 20 (Simitian) was approved by the Assembly Judiciary Committee by a vote of 7 to 3 on June 30th. The bill passed the Senate on April 27th by a vote of 26 to 7. Next stop? Coming soon...

Click here to read an article on the vote in the Senate from the California Chronicle.

For more information on SB 20 click here.

No comments: