In 2003, California led the nation by adopting the first data breach notification law. Today, 44 states have adopted similar laws, and many of them are modeled around California Senate Bill 1386.
The current California law requires immediate disclosure of data breaches involving personal information. The new legislation, Senate Bill 1166, also specifies the content of a breach notification.
If passed, companies that fall vicitim to a data breach must provide the individuals affected with a description of the data breach, the date and time of the incident, and the type of information breached.
The Governor Schwarzenegger terminated a similar bill last year. However the bill's author, Sen. Joe Simitian (D-Palo Alto), is "cautiously optimistic" that this version will survive the veto pen.