A number of state legislatures are once again considering data security legislation. For example, the Nevada Senate is considering a bill that would require businesses to encrypt or destroy personal information stored on copiers, fax machines, and other devices before relinquishing ownership, custody, or control of the devices (S.B. 267). The California Senate once again approved a bill that would amend and expand the state’s security breach notification statute. S.B. 24 would, among other things, provide requirements for the content of notices that businesses must send to consumers when there is a security breach. Moreover, S.B. 24 would require that businesses notify the California AG of breaches involving more than 500 state residents. S.B. 24 is substantially similar to three previous bills that were approved by the California legislature and then ultimately vetoed by the now-former Governor.