Thursday, August 20, 2009

Two California Privacy Bills Included in Consumer Coalition List of Legislative Priorities

California lawmakers returning from summer recess were greeted by a letter from nine consumer rights organizations outlining legislative priorities during the final month of the 2009 session.

Signing the letter were CALPIRG, California Alliance for Retired Americans, Congress of California Seniors, Consumer Action, Consumer Federation of California, Consumers for Auto Reliability and Safety, Consumers Union, Older Women’s League of California, and Privacy Rights Clearinghouse.

This list includes two key privacy protection bills among the list of 13 (2 were "bad" anti-consumer bills and eleven were "good" pro-consumer bills).

Let me briefly describe each of the two privacy bills chosen and how each is progressing in the legislature (I've highlighted and discussed both of these on this blog in the past):

Assembly Bill 943 (Mendoza) - Credit Reports

AB 943 (Mendoza) would prohibit a prospective employer from using consumer credit reports in the hiring process. The bill provides exceptions in cases when the job duties include access to cash or other financial assets, when the job is in law enforcement and in other narrow areas. An employer should not have any right to obtain confidential information that is not germane to a prospective employee’s job.

Credit reports do not have predictive value in determining a worker’s ability to perform job duties, but a bad credit report might unfairly influence a hiring employer’s attitude toward a job applicant. Unemployed workers are more likely to have suffered some downgrading of their credit score due to the circumstances of their unemployment; hence reliance on credit reports as a factor in hiring decisions might adversely impact those most in need of a job.Credit reports are often inaccurate, and could unfairly bias an employer.

Correcting mistaken information in a credit report is a tedious, time consuming process, and in the meantime, the job applicant is harmed due to errors by credit reporting entities. We therefore, are urging the Legislature to protect the financial privacy of Californians from unwarranted snooping by prospective employers by voting Yes on AB 943.

Bill Status...Good News: AB 943 (Mendoza) passed the Senate Judiciary Committee by a party line vote of 3 to 2 on July 7th, 2009. The bill cleared the Senate Labor and Industrial Relations Committee by a vote of 4 to 2 on June 25th - also along party lines. The bill passed the Assembly floor by a vote of 49 to 30 on May 28th. AB 943 is now scheduled to be heard in Senate Appropriations on August 24th.

Click here to read the Assembly Analysis of the bill.

Senate Bill 20 (Simitian) - Data Breach Notifications

SB 20 would amend California's security breach notification law stating that any public agency, person or business required to issue a security breach notification to more than 500 residents must submit the notification electronically to the Attorney General.This measure also requires that the notification be written in plain language and include contact information regarding the breach, the types of information breached, and the date, estimated date, or date range of the breach.

Additionally, SB 20 would amend the substitute notice provisions of California's security breach notification law to require that an entity providing substitute notice also provide notice to the Office of Information Security and Privacy Protection.

California’s current security breach notification law does not require public agencies, businesses, or persons subject to that law to provide any standard set of information about the breach to consumers.

As a result, security breach notification letters often lack important information - such as the time of the breach or type of information that was breached - or are confusing to consumers.This leaves consumers uncertain about how to respond to the breach or protect themselves from identity theft.

SB 20 makes relatively modest but helpful changes to the current security breach notification statutes to enhance consumer knowledge about, and understanding of, security breaches.For these reasons, we support SB 20, and have been urging the Legislature to do the same.

Click here to read the analysis of the bill.

Bill Status...more good news: SB 20 (Simitian) was approved by the Assembly Appropriations by a vote of 12 to 1 on August 19th and the Assembly Judiciary Committee by a vote of 7 to 3 on June 30th. The bill passed the Senate on April 27th by a vote of 26 to 7. The bill passed Assembly Appropriations on August 19th and awaits an Assembly floor vote to determine whether it will reach the Governor's desk.

No comments: