Sen. Dodd’s Data Breach Security Bill Approved by Senate
SACRAMENTO -- A bill from Sen. Bill Dodd, D-Napa, that would protect consumers from the kinds of data breaches that have exposed the personal financial information of hundreds of millions of people nationwide was approved Wednesday by the Senate despite intense industry lobbying.
“This is a common sense measure to help protect consumers from future data breaches and punish companies that fail to properly protect data,” Senator Dodd said. “It will give consumers recourse and provide a strong incentive for firms to act responsibly with our data.”
Senate Bill 1121 was in part inspired by the 2017 Equifax breach, which exposed the personal financial information of 148 million Americans, creating the largest theft of Social Security numbers in U.S. history. Under current law, consumers effectively have no recourse against such a breach.
The bill changes that in several important ways. It clarifies that “consumers” are covered by data breach protections not just “customers.” It also aligns the Information Practices Act with the Confidentiality of Medical Information Act by adding damages of between $200 and $1,000 for failure to take reasonable security measures and failure to notify consumers. In addition, it holds companies accountable by clarifying that consumers may seek redress for up to four years from when they suffer financial harm not just from when the breach occurs. Finally, the bill makes clear that consumers can join in class action lawsuits to hold a negligent company accountable.
It applies only to businesses that do not encrypt or redact data and keep a consumer’s name, social security number, driver’s license or financial account numbers.
“With continued breaches and increasing amounts of personal information available on the web, this effort to clarify and put teeth in our data security laws is absolutely essential,” Dodd said. “I’m hopeful other states will see the wisdom of safeguarding our information in this way and will follow our lead to protect consumers in the digital age.”
SB 1121 heads next to the Assembly.
Senator Bill Dodd represents California’s 3rd Senate District, which includes all or portions of Napa, Sonoma, Solano, Yolo, Sacramento, and Contra Costa counties. You can learn more about Senator Dodd at www.sen.ca.gov/dodd.