On August 19, 2010, the California Senate passed SB 1166, which would update California’s data breach notification law. The bill (then SB 20) was previously vetoed last October because, the governor said, there was no proof that the new measures would actually help consumers. Joe Simian (D-Palo Alto), who drafted the bill, said he was persuaded to reintroduce it this year after conversations with the Governor’s office, and that, based on those conversations “a signature by the Governor seems possible this year.” SB 1166 would require additional information in notification letters, including the type of personal information exposed, a description of the incident, and an explanation of what steps consumers can take to protect themselves from identity theft. California’s current law was the first breach notification law in the nation in 2002. Since then, most states have adopted similar laws. Many of the newer rules include the kind of information SB 1166 would require.