The granddaddy of data breach notification laws just gave its original offspring longer arms. Governor Jerry Brown of California has signed into law two bills that expand the state’s notification law. One (S.B. 46) significantly broadens the scope of covered personal information to include a user name or email address when acquired in combination with a password or security question and answer that permit access to any online account. The other (A.B. 1149) extends the notification requirements to local government agencies. As with California’s original notification law, it seems likely that other states will begin to follow suit by expanding the coverage of their own laws.
- Checklist Checklist: Making an international transfer of personal data under the GDPR (EU) Recently updated
- How-to guide How-to guide: How to transfer personal data lawfully outside the European Economic Area (EU) Recently updated
- How-to guide How-to guide: How to comply with data processing principles under the GDPR (EU) Recently updated