Bill Text: CA AB928 | 2013-2014 | Regular Session | Enrolled

NOTE: There are more recent revisions of this legislation.
Bill Title: Personal information: privacy.

Spectrum: Partisan Bill (Republican 1-0)

Status: (Passed) 2014-09-30 - Chaptered by Secretary of State - Chapter 851, Statutes of 2014.

BILL NUMBER: AB 928	ENROLLED
	BILL TEXT

	PASSED THE SENATE  AUGUST 7, 2014
	PASSED THE ASSEMBLY  AUGUST 20, 2014
	AMENDED IN SENATE  JUNE 16, 2014
	AMENDED IN SENATE  APRIL 2, 2014
	AMENDED IN SENATE  JULY 10, 2013
	AMENDED IN ASSEMBLY  MAY 14, 2013

INTRODUCED BY   Assembly Member Olsen

                        FEBRUARY 22, 2013

   An act to amend Section 11019.9 of the Government Code, relating
to state government.


	LEGISLATIVE COUNSEL'S DIGEST


   AB 928, Olsen.  Personal information: privacy.
   The Information Practices Act of 1977 requires an agency, among
other things, to maintain in its records only personal information,
as defined, that is relevant and necessary for a required or
authorized purpose. Existing law requires a department or agency to
enact and maintain a permanent privacy policy in adherence with that
act that includes, but is not limited to, specified principles.
   This bill would require each department and agency to
conspicuously post, as defined, its privacy policy on its Internet
Web site. The bill would also make related nonsubstantive changes.



THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS:

  SECTION 1.  Section 11019.9 of the Government Code is amended to
read:
   11019.9.  (a) Each state department and state agency shall enact
and maintain a permanent privacy policy, in adherence with the
Information Practices Act of 1977 (Title 1.8 (commencing with Section
1798) of Part 4 of Division 3 of the Civil Code). Each state
department and state agency shall conspicuously post its privacy
policy on its Internet Web site.
   (b) The privacy policy required by subdivision (a) shall include,
but is not limited to, the following principles:
   (1) Personally identifiable information is only obtained through
lawful means.
   (2) The purposes for which personally identifiable data are
collected are specified at or before the time of collection, and any
subsequent use is limited to the fulfillment of purposes not
inconsistent with those purposes previously specified.
   (3) Personal data shall not be disclosed, made available, or
otherwise used for purposes other than those specified, except with
the consent of the subject of the data, or as authorized by law or
regulation.
   (4) Personal data collected must be relevant to the purpose for
which it is collected.
   (5) The general means by which personal data is protected against
loss, unauthorized access, use modification or disclosure shall be
posted, unless that disclosure of general means would compromise
legitimate state department or state agency objectives or law
enforcement purposes.
   (6) Each state department or state agency shall designate a
position within the department or agency, the duties of which shall
include, but not be limited to, responsibility for the privacy policy
within that department or agency.
   (c) For purposes of this section, the term "conspicuously post"
shall include posting the privacy policy through any of the following
means:
   (1) An Internet Web page on which the actual privacy policy is
posted if the Internet Web page is the homepage or first significant
page after entering the Internet Web site.
   (2) An icon that hyperlinks to an Internet Web page on which the
actual privacy policy is posted, if the icon is located on the
homepage or the first significant page after entering the Internet
Web site, and if the icon contains the word "privacy." The icon shall
also use a color that contrasts with the background color of the
Internet Web page or is otherwise distinguishable.
   (3) A text link that hyperlinks to an Internet Web page on which
the actual privacy policy is posted, if the text link is located on
the homepage or first significant page after entering the Internet
Web site, and if the text link does any of the following:
   (A) Includes the word "privacy."
   (B) Is written in capital letters equal to or greater in size than
the surrounding text.
   (C) Is written in larger type than the surrounding text or in
contrasting type, font, or color to the surrounding text of the same
size, or is set off from the surrounding text of the same size by
symbols or other marks that call attention to the language.
   (4) Any other functional hyperlink that is so displayed that a
reasonable person would notice it and understand it to hyperlink to
the actual privacy policy.
