These bills, which elected officials passed out of the state Assembly on Thursday, the last day for either house to pass bills, now head to Gov. Gavin Newsom’s desk, where he will have until Oct. 14 to either sign them into law or issue a veto. Here’s more information on the surviving legislation:
- State Assembly Bill 302, from Assemblymember Christopher M. Ward, D-San Diego, sets a deadline of Sept. 1, 2024, for the California Department of Technology (CDT), working with other interagency bodies, to do a “comprehensive inventory of all high-risk automated decision systems” that have been proposed for use, development or procurement by, or are being used, developed or procured by, state agencies. That inventory would have to have a description of the “categories of data and personal information the automated decision system uses to make its decisions.” By Jan. 1, 2025, and every year after, CDT would have to report on that inventory to legislative committees. The bill has been ordered to Engrossing and Enrolling for a series of last steps including proofreading before it’s sent to the governor.
- AB 1637, from Assemblymember Jacqui Irwin, D-Thousand Oaks, would apply to all cities including charter cities. It would require local agencies with public websites to make sure their websites use “a ‘.gov’ top-level domain or a ‘.ca.gov’ second-level domain” and, for local agencies that don’t already have that in place, would require them to “redirect that Internet website to a domain name that does utilize a ‘.gov’ or ‘.ca.gov’ domain.” This would be mandatory by Jan. 1, 2029, and would also apply to local government email addresses, requiring the agencies that provide these to employees to also use a “.gov” or a “.ca.gov” domain name. Local agencies in California qualify for a free “.gov” domain, according to the bill. The suffix is sponsored by the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security and available only to “United States-based government organizations and publicly controlled entities” like local agencies. The “.ca.gov” domain is overseen by the California Government Operations Agency; CDT manages registrations, changes and renewals. This bill, too, is headed for Engrossing and Enrolling and on to Newsom’s desk.
- AB 352, from Assemblymember Rebecca Bauer-Kahan, D-Orinda, builds on the Confidentiality of Medical Information Act, requiring businesses that “electronically store or maintain medical information on the provision of sensitive services” for a health care provider, service plan, pharmaceutical company, contractor, or employer to develop capabilities, policies and procedures by July 1 to enable security features, including limiting user access privileges and segregating medical information related to “gender affirming care, abortion and abortion-related services, and contraception.” The entities that are the bill’s focus generally would be barred from cooperating with inquiries and investigations by providing medical information, including to other states or federal law enforcement. The bill would exclude the exchange of health information related to abortion and abortion-related services from “automatically being shared on the California Health and Human Services Data Exchange Framework.” This bill, too, is headed to the governor for a signature.
- AB 645, from Assemblymember Laura Friedman, D-Burbank, would create a pilot program until Jan. 1, 2032, for automated speed cameras targeting speeders in five major cities — Los Angeles, San Jose, Oakland, Glendale and Long Beach — and the state’s lone consolidated city-county, San Francisco. Participating local governments would have to adopt a so-called Speed Safety System Use Policy and a Speed Safety System Impact Report before implementation; would need to do a public information campaign of at least 30 days before starting the pilot, with information on when and where the system would be used; and would have to give warning notices instead of violations during the pilot’s first 60 days. Participants would also have to create uniform guidelines for processing and storage of confidential information and would have to make confidential all photographic or administrative records — not including data on the number of violations issued or the speeds for which they were issued. Recorded violations would be subject only to “provided civil penalties,” per the bill, and a “diversion program for indigent speed safety system violation recipients” would have to be created. Participants would also have to turn in a report evaluating the new system’s impact on street safety and its economic impact on the communities where it’s utilized. The bill cleared the statehouse Wednesday and is headed to the governor’s desk.
