Calif. Fiscal Hawks Fast-Track Data Breach Notification Bill
A California bill that sets data-breach notification deadlines will go to the Assembly floor and is racing toward passage by the legislature. At a livestreamed hearing Wednesday, the Assembly Appropriations Committee voted unanimously to add SB-446 by Sen. Melissa Hurtado (D) to the Assembly consent calendar, which is reserved for noncontroversial bills.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Passed by the Assembly Judiciary Committee last month and the full Senate on May 28 (see 2507080046), SB-446 would require disclosures to California residents within 30 days of a company discovering a breach, plus a notice to the state attorney general within 15 days of the company notifying affected consumers. California’s current law doesn’t specify deadlines for notifications.
Also at Wednesday's meeting, Assembly Appropriations moved multiple other AI-related bills to the committee’s “suspense file,” a category for bills deemed costly, setting them up for a vote at later meetings.
Bills now on suspense in the committee include:
- SB-7 on employers’ use of automated decision systems (see 2507170011 and 2506260010)
- SB-53, a frontier AI models bill that would require transparency about safety and security protocols and provide whistleblower protection to employees at AI developers (see 2507010047)
- SB-69 to require the California attorney general to build internal expertise on AI (see 2507080075)
- SB-243 to regulate AI chatbots
California legislators returned from summer recess Monday with many privacy and AI bills nearing the finish line (see 2508150016 and 2508150039).