BILL ANALYSIS                                                                                                                                                                                                    



                                                                  AB 2091
                                                                  Page  1

          CONCURRENCE IN SENATE AMENDMENTS
          AB 2091 (Conway)
          As Amended  June 29, 2010
          Majority vote
           
           ----------------------------------------------------------------- 
          |ASSEMBLY:  |76-0 |(May 13, 2010)  |SENATE: |34-0 |(August 2,     |
          |           |     |                |        |     |2010)          |
           ----------------------------------------------------------------- 
            
           Original Committee Reference:    G.O.

          SUMMARY  :  Exempts from disclosure under the California Public  
          Records Act (CPRA) information security records that would  
          reveal vulnerabilities of an information technology system or  
          increase the potential for cyber attacks. 

           The Senate amendments  make technical and clarifying changes.

           EXISTING LAW  :

          1)Requires, under CPRA, state and local agencies to make public  
            records available upon receipt of a request that reasonably  
            describes an identifiable record not otherwise exempt from  
            disclosure.  

          2)Defines a state agency as every state office, officer,  
            department, division, bureau, board, and           commission  
            or other state body or agency, except those agencies provided  
            for in Article IV (except Section 20 thereof) or Article VI of  
            the California Constitution. 

          3)Exempts from public disclosure records of intelligence  
            information or security procedures of various state agencies,  
            as specified.

          4)Exempts from public disclosure documents prepared by or for a  
            state or local agency that assess vulnerability to terrorist  
            attack or other criminal acts intended to disrupt that public  
            agency's operations.

          5)Entrusts the Office of the State Chief Information Officer  
            (OCIO) with the task of establishing and enforcing state  
            information technology strategic plans, policies, standards,  
            and enterprise architecture. 








                                                                  AB 2091
                                                                  Page  2


          6)Requires the OCIO to prepare an annual information technology  
            strategic plan that shall guide the acquisition, management,  
            and use of information technology. 

           AS PASSED BY THE ASSEMBLY  , this bill exempts the information  
          security reports of a state            agency from the CPRA.

           FISCAL EFFECT  : This bill is keyed non-fiscal.

           COMMENTS  :  This bill is intended to provide a specific exemption  
          from disclosure under the CPRA to protect California residents  
          from information security breaches.        

          This bill provides that nothing in the CPRA shall be construed  
          to require the disclosure of an information security record of a  
          public agency, if, on the facts of the particular case,  
          disclosure of that record would reveal vulnerabilities to, or  
          otherwise increase the potential for an attack on, an  
          information technology system of a public agency.  According to  
          this bill's sponsor, OCIO, nothing in this bill shall be  
          construed to limit public disclosure of records stored within an  
          information technology system of a public agency that are not  
          otherwise exempt from disclosure pursuant to the provisions of  
          the CPRA or any other provision of law.


           Analysis Prepared by  :    Rod Brewer / G.O. / (916) 319-2531


                                                              FN:  0005595