Home > Uncategorized > California Does it Again

California Does it Again

The California Senate recently passed a bill that requires state government organizations and others to not only notify individuals who have been potentially affected by a data security breach, but also to provide details—what occurred, when it occurred, the type of information that was compromised, how many individuals may have been affected, and more. These organizations would also have to set up toll-free phone lines to enable potentially affected individuals to talk with credit bureau representatives at no cost. A second, similar bill that allows identity fraud cases to be held in the victim’s county of residence was also passed. Previously, prosecution of identity fraud had to occur in the county in which the information had been compromised or in which an identity fraud incident had occurred.

The two bills that the California Legislature passed are by no means earthshaking. Instead, they provide a small amount of additional help to data security breach victims and potential victims. It is almost impossible to understand why this help is so important unless you yourself have been an identity theft victim or if someone you know well has been a victim of this crime. I remember well when one of my daughters became a victim of identity theft a number of years ago after she paid for a piece of furniture that she had purchased with a credit card. She had to also show her drivers license during the transaction. The salesperson went in the back room and came out again shortly afterwards; what my daughter did not at first realize is that the salesperson had made a photocopy of her credit card and drivers license and then had stashed it away. The boyfriend of the salesperson and the salesperson made tens of thousands of dollars of purchases using the credit card number; the sales person had even made a counterfeit drivers license that looked just like my daughter’s. The credit card company detected that something was wrong, called my daughter, and almost immediately froze her account. Then all kinds of trouble began. My daughter’s credit rating plummeted to the point that she was able to obtain neither other credit cards nor any kind of credit with local stores. It took approximately four months of intensive effort on her part to get her credit rating back to what it was before and to finally be able to use her credit card. And from what I am told about identity theft experiences, her case was actually a relatively mild one.

The good news is that once again California is leading the way as far as security-related legislation goes. The passage of SB 1386 in this state approximate a half decade ago paved the way for other states, the overwhelming majority of which have now passed some kind of legislation that requires victims of data security breaches to be notified. Sadly, however, despite numerous unsuccessful previous attempts, legislation of this nature has yet to be passed at the federal level. Why remains a mystery, but one thing is certain—another opportunity to vote out of office legislators who have opposed data security breach legislation is coming this November.

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.