Latest in Gear

Image credit:

California bill aims to strengthen data breach notification law

The state's Attorney General wants to protect people's passport numbers and biometrics.
Mariella Moon, @mariella_moon
February 22, 2019
Share
Tweet
Share

Sponsored Links

Greg Blomberg / EyeEm via Getty Images

California might have more comprehensive data breach notification rules if a new bill becomes law. The golden state's Attorney General, Xavier Becerra, and Assemblymember Marc Levine want to require companies to notify customers if their passport numbers and biometric information have been compromised. According to Becerra's announcement, the massive Starwood Hotels data breach in 2018 prompted them to conjure up the proposal. That security breach affected as many as 500 million guests, with the hackers managing to steal around 327 million personal records, including passport numbers.

As Becerra noted, California was the first state to pass a data breach notification law back in 2003, requiring businesses to disclose if consumers' personal information had been stolen. However, only social security numbers, driver's license numbers, credit card numbers and medical and health insurance data are considered "personal information" under its rules.

While Starwood Hotels disclosed the security breach, other companies might not be as forthcoming when they're not legally required to divulge a hack based on what was stolen. That's why this bill aims to update the law in order to add passport numbers and biometric information, such as fingerprints and iris scans, to the list of recognized personal information. Passport numbers are government-issued identifiers, after all, and a bad actor could use them to steal a person's identity via social engineering or to commit fraud.

The Attorney General said in a statement:

"Knowledge is power, and all Californians deserve the power to take action if their passport numbers or biometric data have been accessed without authorization. We are grateful to Assemblymember Levine for introducing this bill to improve our state's data breach notification law and better protect the personal data of California consumers. AB 1130 closes a gap in California law and ensures that our state remains the nation's leader in data privacy and protection."

In this article: bill, california, gear, politics
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Amazon Prime members get free one-hour grocery pickups at Whole Foods

Amazon Prime members get free one-hour grocery pickups at Whole Foods

View
AOC's 'Among Us' Twitch stream peaked at over 435,000 viewers

AOC's 'Among Us' Twitch stream peaked at over 435,000 viewers

View
LG's rollable OLED TV goes on sale for $87,000

LG's rollable OLED TV goes on sale for $87,000

View
Apple iPad Air (2020) review: Who needs the iPad Pro?

Apple iPad Air (2020) review: Who needs the iPad Pro?

View
The 44mm Apple Watch Series 6 falls to $400 at Amazon

The 44mm Apple Watch Series 6 falls to $400 at Amazon

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr