Government, State Agencies, and Privacy in California

May 03, 2022 | 4 minutes read
Government, State Agencies, and Privacy in California

Cal. Govt. Code § 11019.9 is an online data privacy law that was enacted in the U.S state of California in 2015. Cal. Govt. Code § 11019.9 was passed for the purpose of granting residents within the State of California access to certain public records and information. To this point, the law sets place several requirements on the departments and agencies that comprise the Government of California as it concerns ensuring that their respective websites and services do not interfere with the personal liberty or privacy of citizens. Most notably, state agencies and government institutions within California are required to develop and implement a privacy policy under the provisions of the law.

How is a state agency defined under the law?

Under Cal. Govt. Code § 11019.9, a state agency is defined as “every state office, officer, department, division, bureau, board, and commission or other state body or agency, except those agencies provided for in Article IV (except Section 20 thereof) or Article VI of the California Constitution”, while a public agency is defined as “any state or local agency.” Alternatively, the law defines public records “any writing containing information relating to the conduct of the public’s business prepared, owned, used, or retained by any state or local agency regardless of physical form or characteristics. “Public records” in the custody of, or maintained by, the Governor’s office means any writing prepared on or after January 6, 1975.”

What are the duties of state agencies under the law?

Cal. Govt. Code § 11019.9 mandates that state departments and agencies within California take the following steps and measures necessary to maintain the confidentiality and security of personally identifiable information pertaining to residents within the state. These steps and measures include:

What data elements are protected under the law?

Under Cal. Govt. Code § 11019.9, the data elements concerning citizens within the state that are legally protected from unauthorized disclosure include but are not limited to:

Privacy compliance and redaction

When looking to fulfill a public record request in order to maintain compliance with legislation such as Cal. Govt. Code § 11019.9, departments and agencies within the state will inevitably be faced with a dilemma. While they must comply with such requests, on one hand, they must also maintain the integrity and confidentiality of said information on the other. To combat this issue, state agencies can look to automatic redaction software programs. Using these programs, state agencies can redact specific categories of personal information, such as driver’s licenses, biometric data, and credit and debit card numbers, in an effort to guarantee that such information does not fall into the hands of cybercriminals or other bad actors within society.

Within the past 10 years, the state of California has passed a wide range of data privacy legislation. Whether it be in the form of the landmark California Privacy Rights and Enforcement Act of 2020 (CCPA) or the California Online Privacy Protection Act (CalOPPA), few states within the U.S. have gone to such great lengths to protect the privacy and personal information of their respective residents. To this point, Cal. Govt. Code § 11019.9 protects the privacy of California residents in regard to the accessing of public records and information, providing them with the ability to view such records without having their privacy infringed upon.

Related Reads

Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy
September 06, 2023 | 4 minutes read
Blurring Faces from Videos and The Truth About Body-Worn Camera Privacy

Body-worn cameras are an essential piece of equipment for law enforcement officers and the redaction of faces from BWC footage is necessary to protect the privacy of individuals.

Learn More »
Sensitive Information, Protected: Patient Privacy, HIPAA, And You
August 30, 2023 | 4 minutes read
Sensitive Information, Protected: Patient Privacy, HIPAA, And You

HIPAA compliance ensures patient privacy. Often making the consequences of non-compliance severe, so how do you avoid that?

Learn More »
Protecting Privacy in the Healthcare Field: PII, PHI & PCI
July 12, 2023 | 5 minutes read
Protecting Privacy in the Healthcare Field: PII, PHI & PCI

Healthcare professionals handle a wide range of sensitive data that is crucial for delivering quality care. But protecting that data is getting harder.

Learn More »
FISA Section 702, Is The US Government Monitoring You?
June 26, 2023 | 6 minutes read
FISA Section 702, Is The US Government Monitoring You?

Is there a give-and-take relationship that must be accepted when it comes to keeping the country safe? Should U.S. persons be okay with the incidental collection of their conversations in the name of national security under FISA Section 702? Even when it violates their constitutional rights? Well, that’s up to Congress to decide.

Learn More »
The Gap You Won’t Want to Close: Air-Gapped Systems
June 05, 2023 | 6 minutes read
The Gap You Won’t Want to Close: Air-Gapped Systems

An air-gapped system is a computer, or network that is physically isolated from any external connections and networks which includes the Internet. It operates in total isolation with neither wired nor wireless connections to other devices.

Learn More »
Using Redaction for Privacy Maintenance as An Investigator
May 31, 2023 | 5 minutes read
Using Redaction for Privacy Maintenance as An Investigator

These oaths emphasize upholding the law, serving the public, and protecting the rights of individuals. One of these many rights is privacy. An investigator must adhere to the legal and ethical guidelines within the jurisdiction and perform their investigation within those specifically set boundaries.

Learn More »