Lawmakers aren’t wasting time, passing a historic resolution on AI on their first day back, but both chambers have less than a month to pass bills before Sept. 14, the last day on state Senate and Assembly calendars to do so. Proposed laws have even less time — only until Sept. 1 — to be considered and passed by fiscal committees like the Appropriations committee in each house, which weigh a bill’s cost and similar issues.
Among the IT and innovation legislation still surviving this session:
- Senate Bill 721, from Sen. Josh Becker, D-Menlo Park, would create the California Interagency AI Working Group with a sunset of Jan. 1, 2030. It was placed “in suspense” in early May, but on May 25, it arrived in the Assembly to be heard, and on June 1, lawmakers referred it to the Assembly Committee on Privacy and Consumer Protection. If signed by Gov. Gavin Newsom, the bill would empower the group to report to the Legislature on AI — including with recommendations on a definition of AI pertaining to “its use in technology for use in legislation.” The group would also study the implications of AI data collection to inform testing and evaluation; determine which agencies should develop and oversee AI policy and its implementation; and determine steps to prevent AI-assisted misinformation campaigns. The group would be chaired by the state director of technology and would have 10 members including two Newsom appointees and one each appointed by the California Privacy Protection Agency and the California Department of Technology (CDT). A committee hearing date has not yet been set.
- Assembly Bill 749, from Assemblymember Jacqui Irwin, D-Thousand Oaks, would require state agencies by Jan. 1, 2025, to take action on data, hardware, software, internal systems and essential third-party software, including requiring multifactor authentication for access to all systems and data owned, managed, maintained or utilized by or on behalf of the agency. Agencies would also have to implement a zero-trust architecture and prioritize using solutions that either comply with, are authorized by, or align to federal guidelines, programs and frameworks. The chief of the Office of Information Security at CDT would have until Jan. 1, 2024, to “develop uniform technology policies, standards and procedures” to be used by all state agencies around “zero trust architecture, including multifactor authentication” on all systems in the State Administrative and Statewide Information Management manuals. Lawmakers referred the bill in July to the Senate Appropriations Committee, which is still considering it and will meet again Monday.
- SB 265, from Sen. Melissa Hurtado, D-Sanger, adds to existing law that created the California Governor’s Office of Emergency Services (Cal OES) and which required it to create the California Cybersecurity Integration Center (Cal-CSIC). The two entities already have until Jan. 1, 2024, to submit to the Legislature a “strategic, multiyear outreach plan to assist the food and agriculture sector and wastewater sector” in improving cybersecurity. SB 265 directs the two entities to create and submit to the Legislature by Jan. 1, 2025, a similar plan to help critical infrastructure sectors in increasing cybersecurity and securing funding to improve cybersecurity preparedness. According to federal definitions, critical infrastructure sectors could include communications, IT, transportation and emergency services sectors. Lawmakers on July 11 referred the bill to the Assembly Committee on Appropriations, which met Wednesday. A hearing date for this bill has not been set.
- AB 1034, from Assemblymember Lori Wilson, D-Suisun City, would update the law on what happens to data recorded by a peace officer’s body-worn camera. The law requires law enforcement to “consider best practices” on downloading and storing that data when it sets policy and procedure for a body camera system. This bill would prohibit law enforcement from “installing, activating, or using” biometric surveillance systems in connection with an officer’s camera or with data collected by an officer’s camera. It would let people sue for “equitable or declaratory relief” against an agency or officer who violates the law. The bill would sunset Jan. 1, 2034. It is before the Senate Standing Committee on Public Safety, which has a meeting set for Tuesday although the bill is not on the agenda.
