Two dates loom particularly large: Thursday is the last day for electeds to amend bills on the floor of the state Assembly or Senate; and Aug. 31 is the last day for each house to pass bills. Gov. Gavin Newsom then has until Sept. 30 to sign or veto legislation — but already, following long days of deliberation, the Senate and Assembly committees have placed scores of bills in “suspense,” and these will not advance this session.
Here are several pieces of proposed technology legislation that remain “alive” in Appropriations — and one that will not continue onward this year:
- State Senate Bill 717, from state Sen. Bill Dodd, D-Napa, would call on the California Department of Technology (CDT) — which already has oversight of state IT projects — to do more oversight on broadband. It would require that by Jan. 1, 2024, CDT review and identify to legislative committees the “barriers to, and opportunities for, investment in, and efficient building of, broadband access points on private and government-owned structures and property, private and public lands and buildings, and public rights of way.” The department would also be required to review barriers and opportunities around “access to mobile and fixed broadband Internet service infrastructure by low-income tribal, urban, and rural customers and underserved communities,” and make recommendations on speeding up those broadband deployments. The bill is now up for a third reading by the state Assembly Committee on Appropriations and will be eligible for a vote as early as Monday, a representative of Dodd’s office told Industry Insider — California via email. However, it’s uncertain whether the Assembly will take up the bill.
- SB 892, from Sen. Melissa Hurtado, D-Sanger, focuses on cybersecurity preparedness in the food, agriculture, water and wastewater systems sectors. It would require the California Governor’s Office of Emergency Services (Cal OES) to “develop, propose and adopt optional reporting requirements” for food and agriculture industry entities and cooperatives, and “entities in the water and wastewater systems” if a “significant and verified cyber threat or active cyber attack” is identified. The bill also requires Cal OES to provide a “strategic, multiyear outreach plan” to help these organizations boost cybersecurity; and it prohibits “disclosure as a public record” of a report of cyber attack or threat that is submitted in accordance with the reporting requirements. A representative of Hurtado’s office told Industry Insider via email that the bill will be taken up on the Assembly floor this week.
- AB 2135, from Assemblymember Jacqui Irwin, D-Thousand Oaks, would require state agencies whose information security is not handled by the Office of Information Security to adopt and implement Federal Information Processing Standards and National Institute of Standards and Technology standards on information security and privacy. The agencies also would have to contract with the California Military Department or a “qualified responsible vendor” every two years for a “comprehensive, independent security assessment.” And the agencies would have to certify annually by Feb. 1 that they meet the adopted standards, to the state Senate president and the Assembly speaker. The bill was ordered to the special consent calendar Aug. 22.
- AB 1711, from Assemblymember Kelly Seyarto, R-Murrieta, would require an agency, person or business that “owns or licenses” data with residents’ personal information (PI) to reveal a security breach once residents are notified; and it would require the agency to place a notice on its website when a person or business that runs a system on behalf of it released a similar security breach notification. This bill, too, is due for a third reading but it’s unclear when.
- AB 2408, from Jordan Cunningham, R-San Luis Obispo, was placed in suspense by the state Senate Committee on Appropriations. It was known as the Social Media Platform Duty to Children Act. Among its provisions, it would have prohibited social media platforms from using a “design, feature, or affordance” they knew or should have known “causes a child user, as defined, to become addicted to the platform.”