California lawmakers in the state Senate and Assembly have only until Feb. 16 to introduce new legislation for consideration this session. Electeds on both sides of the aisle are introducing technology legislation scrutinizing everything from artificial intelligence to elections, and from procurement to privacy. Among the takeaways:
- Assembly Bill 2013, from Assemblymember Jacqui Irwin, D-Thousand Oaks, would build on existing law requiring the California Department of Technology (CDT) to work with state entities to do by Sept. 1 an extensive inventory of high-risk automated decision systems proposed for use, being developed, used or procured by state agencies. AB 2013 would give developers of AI systems or services for residents to use until Jan. 1, 2026, to post documentation on their websites about the data they use to train the AI system or service. The bill would define an AI system or service as a “machine-based system or service that can, for a given set of human-defined objectives, generate content and make predictions, recommendations, or decisions influencing a real or virtual environment.” AB 2013 had its first reading Wednesday and may be heard in committee March 2 but has not been assigned yet.
- AB 1971, from Assemblymember Dawn Addis, D-Morro Bay, would build on the California Consumer Privacy Act of 2018 (CCPA) to create the Student Online Personal Information Protection Act (SOPIPA). The act would bar operators of Internet websites, online services, online apps, or mobile apps that know their site, service, or app is primarily used for K-12 school purposes and was designed and marketed for K-12 school purposes from knowingly selling a student’s information, including covered information, or using that information, including “persistent unique identifiers,” which they have created or gathered to profile students — except in “furtherance of K-12 school purposes.” Covered information is defined as personally identifiable information created or provided by a student, his or her parent or guardian, by an employee or agent of the educational entity, or gathered by the operator in question. The bill would also apply to individuals, partnerships, corporations, associations, companies, firms, institutions, societies, trusts, or joint stock companies that develop, sponsor or administer standardized tests. AB 1971 had its first reading Tuesday and may be heard in committee March 1 but has not yet been assigned.
- AB 2050, from Assemblymember Gail Pellerin, D-Santa Cruz, would permit the Secretary of State to apply for membership with the nonprofit Electronic Registration Information Center; and, if approved, execute a membership agreement. Per its website, the Center is nonpartisan, with a board comprised of state election officials. Founded in 2012, it is funded and governed by its member states and aims to help officials keep more accurate voter roles, detect potentially illegal voting, and assist in reaching out with information to eligible voters who aren’t registered. AB 2050 would require the Secretary of State keep confidential any information or data provided by another state and would authorize the Secretary of State to transmit confidential information or data in keeping with that agreement. Disclosure of any citizenship information or data, and of certain types of driver’s licenses and identification cards, would be prohibited. The Secretary of State’s Office would be required to be certified by CDT that all proper cybersecurity protections are in place before sending the Center any data or information. The bill had its first reading Thursday.
- AB 2030, from Assemblymember Laurie Davies, R-Laguna Niguel, would expand procurement authorization in the Small Business Procurement and Contract Act, which authorizes a state agency to award a contract for goods, services, or information technology with an estimated value of greater than $5,000 but less than $250,000 to a certified small business, including a microbusiness and a disabled veteran business enterprise, without complying with certain competitive bidding requirements, if the agency obtains price quotations from two or more of those businesses. The law also requires the state agency to consider a responsive offer from a responsible certified small business, including a microbusiness, or a disabled veteran business enterprise, if it’s received in a timely way. AB 2030 would allow a state agency to award a contract for goods, services, or information technology, of $5,000 to $249,999 in value, to an “LGBT business enterprise, a minority business enterprise, or a women business enterprise.” It would also require the agency to consider timely, responsive offers from these types of enterprises. The bill had its first reading Thursday.
- AB 2058, from Assemblymember Dr. Akilah Weber, D-San Diego, is an intent bill that would build on law requiring CDT to inventory all high-risk automated decision systems proposed for, or in use at, the state. It would state the intent of the Legislature to enact legislation relating to commercial algorithms and artificial intelligence-enabled medical devices. AB 2058 had its first reading Thursday.
- Senate Concurrent Resolution 94, introduced Jan. 3 by state Sen. Bill Dodd, D-Napa, would designate in perpetuity the fourth week of January as Data Privacy Week, and the last Sunday of January as Data Privacy Day. The resolution highlights creation of the California Privacy Protection Agency (CCPA) and voters’ approval in November 2020 of the California Privacy Rights Act, which created the CCPA. With committee readings and revision, the resolution has now been approved by both the state Senate and Assembly, with the latter ordering it back to the Senate following adoption Thursday.
