Calif. law requires free year of credit monitoring after data breaches

California Gov. Jerry Brown has signed into law legislation that requires companies affected by data breaches to offer credit monitoring service for at least 12 months, at no cost to the consumer.

The sponsors of Assembly Bill 1710, Assemblymen Roger Dickinson (D-Sacramento) and Bob Wieckowski (D-Fremont) said in a statement that the provision would be triggered if social security numbers or driver's license numbers are breached.

The law also prohibits the sale of social security numbers, except when it is part of a legitimate business transaction. In addition, it provides that existing personal information data security obligations apply to businesses that maintain personal information in addition to those who own or license the information.

Assemblyman Dickinson, who is chair of the Assembly Banking and Finance Committee, said in the statement, “Recent breaches emphasized the need for stronger consumer protections and awareness. The retailers affected by the recent mega data breaches are not the first nor will they be the last. AB 1710 will increase consumer privacy, ensure appropriate fraud and identity theft protection, and safeguard against the exploitation of personal information.”