December 7, 2004

California Privacy Laws Reach Beyond California


Security and Disclosure Requirements Binding for All Firms Doing Business with California Consumers

YORK, Maine — December 7, 2004 — Businesses across the United States need to be aware of two important pieces of privacy legislation going into effect in California on January 1, 2005.

SB 27 — the "shine the light" law requires that companies doing business in California disclose their use of personally identifiable information for direct marketing.  AB 1950 requires that companies not already subject to data security federal standards comply with basic security safeguards to protect customer privacy and data integrity.

"S.B. 27 and A.B. 1950 are two of the most far-reaching measures in the latest wave of California privacy legislation," said Reece Hirsch, a partner with the San Francisco office of law firm Sonnenschein Nath & Rosenthal LLP.  "These two new laws will impact a wide range of companies doing business in California and may indicate the direction of future federal legislation."

The laws are the subject of an audio conference hosted by the International Association of Privacy Professionals on December 8, 2004, from 1:00 — 2:30pm ET.

"I think that helping to educate organizations on privacy requirements and best practices is probably the most effective thing this Office does to fulfill our mandate to protect consumer privacy," said Joanne McNabb, Chief, California Office of Privacy Protection.

McNabb and Hirsch are two of the panelists participating in the audio conference.  They will be joined by Harry Valetk, director of privacy online, Entertainment Software Rating Bureau, and noted privacy expert Larry Ponemon, chairman and founder of the Ponemon Institute.

"This teleconference is important for all privacy professionals, not just those individuals who operate from California-based organizations," Ponemon said.  "SB 27 and AB 1950 may be early indicators of what will happen on the federal regulatory scene."

December 8, 2004 — 1-2:30 pm (ET)

California Privacy Disclosures and Security Requirements

Two new California laws, SB 27 and AB 1950, mean new requirements for companies collecting personal information on California residents.  SB 27, the so-called "shine the light" law, requires detailed disclosure of personal information sharing for direct marketing purposes.  AB 1950 requires basic information security safeguards of companies not subject to similar federal rules. Our expert speaker team will examine the impact of these new laws and answer your specific questions.

  • Joanne McNabb, Chief, California Office of Privacy Protection, Sacramento, CA;
  • Reece Hirsch, Partner, Sonnenschein Nath & Rosenthal LLP, San Francisco, CA
  • Larry Ponemon, Chairman and Founder, Ponemon Institute, Tucson, Arizona
  • Harry Valetk, Director of Privacy Online, Entertainment Software Rating Bureau, New York, NY

Format and Fees

IAPP audio conferences are scheduled for 1½ hours, with the first hour dedicated to speaker presentations, followed by a Q&A period where the audio attendees get answers to their questions from the experts.  Reference materials are sent to the registrants approximately 48 hours in advance of the audio conference.  Registration fees:  $159 per line for IAPP members, and $179 per line for nonmembers.  To register or order a CD, retrieve the online order form from, or phone Katie Paris at 207-351-1500.

About the IAPP

The International Association of Privacy Professionals is the world's leading association of privacy and security professionals.  The IAPP helps define and support the profession of privacy by being a forum for interaction, education, and discussion across industries.