• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Update: California Governor Brown Signs into Law S.B. 46, New Notification Requirements for Data Security Breaches

September 30, 2013 By Privacy & Data Security Team

On September 27, 2013, California Governor Brown signed into law S.B. 46, amending California’s data security breach notification law California Civil Code Section 1798.82. The new law builds upon existing requirements for prompt consumer notification whenever individuals have had their passwords, usernames or security question and answers compromised. It expands the definition of personal information to include, “A user name or email address, in combination with a password or security question and answer that would permit access to an online account.” California Senate Majority Leader Ellen M. Corbett (D-San Leandro), who authored S.B. 46, released a statement in which she said, “SB 46 protects online consumers by ensuring that they are promptly notified if and when their passwords, usernames or security question and answers are compromised or stolen. Many consumers now conduct their day-to-day personal business online, including banking and paying bills, which creates more opportunities for sophisticated cybercriminals to access and steal their personal information. I am grateful that Governor Brown has signed S.B. 46 since it will allow consumers to take steps to minimize potential identity theft and other criminal activity whenever their information is stolen.” The new law will become effective as of January 1, 2014. For more information on S.B. 46, please see our previous blog posting entitled California S.B. 46 Expands Data Breach Notification Law to Include Breaches of User Names and Email Addresses for Online Accounts.

For more detailed information on the new law, please refer to our full-length client advisory entitled
S.B. 46 Adds Notification Requirements for Breaches of an Individual’s User Name or Email Address in Combination with a Password or Security Question and Answer that Permit Access to an Online Account.

Written by Claire Lucy Readhead, Associate, Privacy & Data Security | Alston & Bird LLP

Filed Under: Data Breach, Data Protection, Data Security, Legislation, Online Privacy, Privacy Tagged With: US State Law

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • European Commission Adopts Draft UK Adequacy Decision
  • NYDFS Issues Best Practices for Cyber Insurance Risk Management
  • Fifth Circuit Decision Raises Cyber Enforcement Complications for the U.S. Department of Health and Human Services
  • Virginia Ready to Pass First State Privacy Statute after CCPA
  • The EDPB-EDPS Joint Opinion on Data Processing Standard Contractual Clauses: Key Takeaways
Copyright © 2021 · Alston & Bird · All Rights Reserved. Privacy.