Privacy Legislation Enacted in 2005
Unless otherwise noted, all laws go into effect January 1, 2006
Data Collection/Use Limits
AB 361 (Runner) - Notaries Public: This law makes it a misdemeanor for notaries to willfully fail to perform duties and clarifies that the crime of forgery includes falsifying an acknowledgement of a notary. See Civil Code § 1189, Government Code §§ 8225, 8214.8 and 8228.1, and Penal Code § 470.
AB 1517 (Runner) - Department of Managed Health Care Employee Background Checks: This law permits DMHC to conduct criminal background checks on prospective employees who would have access to medical information. It also requires DMHC to conduct criminal background checks on contractors with access to medical records. See Government Code § 1041.
AB 1527 (Liu) - Identity Theft: Bank Account Numbers: This law prohibits a depository institution, as defined, from using an account number previously held by a different customer until three years after the account was closed. See Financial Code § 4100.
AB 1595 (Evans) - Privacy: Public Officials: This law prohibits a person, business or association from posting or displaying, on the Internet, the home address or telephone number of any elected or appointed official if that official has made a written demand not to disclose his or her information. It limits the liability of an interactive computer service or access provider under these provisions. It also adds to the list of elected or appointed officials covered by all of the foregoing provisions state administrative law judges, federal judges, and federal defenders, Members of the United States Congress, and appointees of the President. See Government Code § 6254.21.
SB 13 (Bowen) - Personal Information for Research, State Agencies: This law amends the Information Practices Act, a comprehensive privacy law that applies to state agencies. It authorizes a state agency to disclose personal information for certain research purposes to the University of California or a nonprofit educational institution only if the request is approved by the Committee for the Protection of Human Subjects for the California Health and Human Services Agency. The law also establishes criteria for the review and approval of the request. See Civil Code § 1798.24, Welfare & Institutions Code §10850.
SB 158 (Machado) - Powers of Attorney: Social Security Numbers: This law deletes the SSN line from the statutory form to be used for granting power of attorney and also requires the inclusion of a statement on the form that a third party may seek identification. See Probate Code § 4401
AB 988 (Bogh) - Identity Theft: Criminal Profiteering: This law adds "the theft of personal identifying information" to the offenses specified as criminal profiteering activity and patterns of criminal profiteering activity. See Penal Code § 186.2.
AB 1069 (Montanez) - Identity Theft: This law prohibits the possession of document-making devices with intent to use them to manufacture, alter, or authenticate a deceptive identification document. It also includes, in the definition of "deceptive identification document," documents not used by a government agency of a foreign government, an international government or an international quasi-governmental organization. A conviction is punishable by up to one year in county jail and/or a fine of up to $1,000. See Penal Code § 483.5.
AB 1566 (Calderon) - Identity Theft: Penalties for Armed Forces Victims: This law provides that identity theft involving the personal information of a member of the armed forces, reserve or National Guard, on active duty outside the state, is punishable by imprisonment for one year and/or a fine of up to $2,000. It also provides for ordering the defendant to make restitution to the victim for any economic loss. See Penal Code § 530.5.
SB 460 (Margett) - Offender Access to Personal Information: This law expands existing law to prohibit any county jail or state prison inmate from having any job that provides access to personal information. See Penal Code §§ 4017.1 and 5017.
SB 355 (Murray) - Anti-Phishing Act of 2005: This law makes it unlawful for any person to solicit, request, or take any action to induce another person, through electronic means, to provide identifying information by representing itself to be a business without the approval or authority of the business. It provides civil remedies and penalties for violation. See Business & Professions Code § 22948.2.
SB 97 (Murray) - Spam Penalties: This law makes a violation of California's existing anti-spam law punishable as a misdemeanor. It authorizes a fine of up to $1,000 and/or imprisonment of up to six months. See Business & Professions Code §17529.5.
SB 833 (Bowen) - Unsolicited Advertising Faxes: This law makes it unlawful for a person or entity, if located in California or if the recipient is located in California, to send an unsolicited advertisement to a fax machine. The law authorizes the recipient of an unsolicited advertising fax to bring an action for a violation of these provisions for injunctive relief, actual damages, or damages of $500 per violation, whichever is greater, or both injunctive relief and damages. And, if the violation was willful, the law authorizes a court to award treble damages. The law also makes it unlawful for a person or entity, if located in California or the recipient is located in California, to initiate a facsimile communication unless the message is clearly marked with certain identifying information. See Business & Professions Code § 17538.43.