May 20, 2009
The California State Senate has approved a new law requiring companies to provide victims of a data breach with additional information.
The new law, SB-20, would require that companies tell customers what type of personal information was breached and when the breach occurred. The previous law required only that companies say that a breach had occurred.
"No one likes to get the news that information about them has been stolen, but when it happens, people are entitled to get a notice they can understand, and that helps them decide what to do next. The premise is simple. What you don't know can hurt you. Ignorance is not bliss. And you can't protect yourself if you don’t know you're at risk."
Over 40 states currently have breach notification laws, though this is just one added step that California has taken to protect consumer information. Simitian argues that requiring detailed notifications is not just important for consumers, but also for law enforcement in order to get an understanding of the patterns associated with data theft.
SB-20 was introduced by Democrat Senator Joe Simitian. The new bill is up for approval by the state Assembly before it is finalized. Learn more about SB-20 here. Computrace can help you identify what information was breached. Find out how Computrace can help
Share this article