BILL NUMBER: AB 853	AMENDED
	BILL TEXT

	AMENDED IN ASSEMBLY  APRIL 30, 2015
	AMENDED IN ASSEMBLY  MARCH 24, 2015

INTRODUCED BY   Assembly Member Roger Hernández

                        FEBRUARY 26, 2015

   An act to add Section 764 to the Public Utilities Code, relating
to energy.



	LEGISLATIVE COUNSEL'S DIGEST


   AB 853, as amended, Roger Hernández. Electrical and gas
corporations: security of plant and facilities.
   Under existing law, the Public Utilities Commission has regulatory
authority over public utilities, including electrical corporations
and gas corporations, as defined. If the commission finds after a
hearing that the rules, practices, equipment, appliances, facilities,
or service of any public utility, or of the methods of manufacture,
distribution, transmission, storage, or supply employed by the public
utility, are unjust, unreasonable, unsafe, improper, inadequate, or
insufficient, the Public Utilities Act requires that the commission
determine and, by order or rule, fix the rules, practices, equipment,
appliances, facilities, service, or methods to be observed,
furnished, constructed, enforced, or employed. The Public Utilities
Act requires the commission to prescribe rules for the performance of
any service or the furnishing of any commodity of the character
furnished or supplied by any public utility and, on proper demand and
tender of rates, require the public utility to furnish the commodity
or render the service within the time and upon the conditions
provided in the rules adopted by the commission.
   This bill would, to the extent feasible, require an electrical
corporation or gas corporation to utilize direct employees, as
defined, for any work associated with the design, engineering, and
operation of its nuclear, electrical, and gas infrastructure,
including all computer and information technology systems, unless the
utility files a Tier 3 advice letter with the commission that
demonstrates that the work can be performed safely and securely, and
without jeopardizing the security of its nuclear, electrical, and gas
 infrastructure   infrastructure,  by
persons that are not direct employees. The bill would require the
commission to open a proceeding, or expand the scope of an existing
proceeding, to evaluate the advice letter and to hold not less than
one duly noticed public hearing for the proceeding. The bill would
require the commission to issue a written decision determining
whether the electrical corporation or gas corporation may utilize
persons that are not direct employees for the described work.
   Under existing law, a violation of the Public Utilities Act or any
order, decision, rule, direction, demand, or requirement of the
commission is a crime.
   Because the provisions of this bill would be a part of the act and
because a violation of an order or decision of the commission
implementing its requirements would be a crime, the bill would impose
a state-mandated local program by creating a new crime.
   The California Constitution requires the state to reimburse local
agencies and school districts for certain costs mandated by the
state. Statutory provisions establish procedures for making that
reimbursement.
   This bill would provide that no reimbursement is required by this
act for a specified reason.
   Vote: majority. Appropriation: no. Fiscal committee: yes.
State-mandated local program: yes.


THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS:

  SECTION 1.  Section 764 is added to the Public Utilities Code, to
read:
   764.  (a) The Legislature finds and declares all of the following:

   (1) Protecting the security of nuclear, electrical, and natural
gas utility systems is a paramount state interest.
   (2) Protecting the privacy of ratepayers' personal information,
including usage information, is a paramount state interest.
   (3) Recent intrusions into major corporate computer systems,
including Sony and Anthem Blue Cross, and the theft of information
from those systems have demonstrated the vulnerability of those
systems.
   (4) The computer systems of California's electrical corporations
and gas corporations have information about the design, engineering,
and operation of the nuclear, electrical, and natural gas utility
infrastructure, as well as personal information about California
ratepayers. This information could be used to compromise the security
of California's utility infrastructure and the privacy of California'
s ratepayers.
   (5) Widespread deployment of smart meters, smart grid equipment,
and microgrids increases the importance of protecting the computer
systems of electrical corporations and gas corporations.
   (6) The part of any computer system that is most vulnerable to
being compromised is the personnel who operate that system.
   (7) Electrical corporations and gas corporations should make every
reasonable effort to protect their computer systems from
unauthorized intrusions.
   (8) To protect the security of electrical and natural gas utility
computer systems, including nuclear infrastructure, the information
technology personnel who operate those systems should be direct
employees of the electrical corporation or gas corporation.
   (9) To protect the security of nuclear, electrical, and gas
utility infrastructure, the design, engineering, and operation of
that infrastructure should, to the extent feasible, be performed by
direct employees of the electrical corporation or gas corporation.
   (b) For purposes of this section, "direct employees" for
construction or maintenance work include the employees of a
contractor or subcontractor licensed in California and working under
the direct supervision of the electrical corporation or gas
corporation.
   (c) To the extent feasible, an electrical corporation or gas
corporation shall utilize direct employees for any work associated
with the design, engineering, and operation of its nuclear,
electrical, and gas infrastructure, including all computer and
information technology systems, unless the utility complies with the
requirements of this section and obtains the approval of the
commission pursuant to this section.
   (d) Before utilizing persons that are not direct employees for
work associated with the design, engineering, and operation of its
nuclear, electrical, and gas infrastructure, including all computer
and information technology systems, an electrical corporation or gas
corporation shall file a Tier 3 advice letter with the commission
that demonstrates that the work can be performed safely and securely,
and without jeopardizing the security of its nuclear, electrical,
and gas infrastructure.
   (e) The commission shall open a proceeding, or expand the scope of
an existing proceeding, to evaluate the advice letter. The
commission shall hold not less than one duly noticed public hearing
for the proceeding. The commission shall issue a written decision
determining whether the electrical corporation or gas corporation may
utilize persons that are not direct employees for the described
work. 
   (f) A person or corporation owning or operating a qualifying
facility pursuant to federal law or a facility that is an exempt
wholesale generator is not an electrical corporation due to the
ownership or operation of that facility. This subdivision is
declaratory of existing law. 
  SEC. 2.  No reimbursement is required by this act pursuant to
Section 6 of Article XIII B of the California Constitution because
the only costs that may be incurred by a local agency or school
district will be incurred because this act creates a new crime or
infraction, eliminates a crime or infraction, or changes the penalty
for a crime or infraction, within the meaning of Section 17556 of the
Government Code, or changes the definition of a crime within the
meaning of Section 6 of Article XIII B of the California
Constitution.