BILL NUMBER: SB 949	INTRODUCED
	BILL TEXT


INTRODUCED BY   Senator Jackson

                        FEBRUARY 4, 2016

   An act to add Section 8573.1 to the Government Code, relating to
emergency services.


	LEGISLATIVE COUNSEL'S DIGEST


   SB 949, as introduced, Jackson. Emergency services: critical
infrastructure information.
   The California Emergency Services Act requires the Governor to
coordinate the State Emergency Plan and any programs necessary for
the mitigation of the effects of an emergency in this state, as
specified. The act also establishes, within the office of the
Governor, the Office of Emergency Services and requires it to perform
various duties with respect to specified emergency preparedness,
mitigation, and response activities in the state.
   This bill would authorize the Governor to require owners and
operators of critical infrastructure to submit critical
infrastructure information, as those terms are defined, to the Office
of Emergency Services, or any other designee, for the purposes of
gathering, analyzing, communicating, or disclosing critical
infrastructure information, as provided.
   The California Public Records Act requires state and local
agencies to make their records available for public inspection,
unless an exemption from disclosure applies. The act exempts from
these disclosure requirements, among other documents, critical
infrastructure information, as defined, that is voluntarily submitted
to the Office of Emergency Services for use by that office.
   This bill would provide that critical infrastructure information
obtained pursuant to its provisions would be confidential and not
subject to disclosure under the California Public Records Act,
subpoena, or discovery, or admissible as evidence in any private
civil action.
   Existing constitutional provisions require that a statute that
limits the right of access to the meetings of public bodies or the
writings of public officials and agencies be adopted with findings
demonstrating the interest protected by the limitation and the need
for protecting that interest.
   This bill would make legislative findings to that effect.
   Vote: majority. Appropriation: no. Fiscal committee: yes.
State-mandated local program: no.


THE PEOPLE OF THE STATE OF CALIFORNIA DO ENACT AS FOLLOWS:

  SECTION 1.  Section 8573.1 is added to the Government Code, to
read:
   8573.1.  (a) As used in this section, the following definitions
shall apply:
   (1) "Critical infrastructure" means systems and assets so vital to
the state that the incapacity or destruction of those systems or
assets would have a debilitating impact on security, economic
security, public health and safety, or any combination of those
matters.
   (2) "Critical infrastructure information" means information not
customarily in the public domain pertaining to any of the following:
   (A) Actual, potential, or threatened interference, or an attack
on, compromise of, or incapacitation of critical infrastructure by
either physical or computer-based attack or other similar conduct,
including the misuse of, or unauthorized access to, all types of
communications and data transmission systems, that violates federal,
state, or local law, harms economic security, or threatens public
health or safety.
   (B) The ability of critical infrastructure to resist any
interference, compromise, or incapacitation, including any planned or
past assessment or estimate of the vulnerability of critical
infrastructure, including security testing, risk evaluation, risk
management planning, or risk audits.
   (C) Any planned or past operational problem or solution regarding
critical infrastructure, including repair, recovery, reconstruction,
insurance, or continuity, to the extent it is related to
interference, compromise, or incapacitation of critical
infrastructure.
   (b) The Governor may require owners and operators of critical
infrastructure to submit critical infrastructure information to the
Office of Emergency Services, or any other designee, for the
following purposes:
   (1) To gather and analyze critical infrastructure information in
order to better understand security problems and interdependencies
related to critical infrastructure, so as to ensure the availability,
integrity, and reliability of that critical infrastructure.
   (2) To communicate or disclose critical infrastructure information
to help prevent, detect, mitigate, or recover from the effects of an
interference, compromise, or incapacitation problem related to
critical infrastructure.
   (c) Critical infrastructure information obtained pursuant to this
section shall be confidential and privileged, and shall not be
subject to disclosure pursuant to the California Public Records Act
(Chapter 3.5 (commencing with Section 6250) of Division 1 of Title
1), subpoena, or discovery, or admissible as evidence in any private
civil action.
  SEC. 2.  The Legislature finds and declares that Section 1 of this
act, which adds Section 8573.1 to the Government Code, imposes a
limitation on the public's right of access to the meetings of public
bodies or the writings of public officials and agencies within the
meaning of Section 3 of Article I of the California Constitution.
Pursuant to that constitutional provision, the Legislature makes the
following findings to demonstrate the interest protected by this
limitation and the need for protecting that interest:
   In order to promote effective emergency planning and to ensure
that information about the state's critical infrastructure, including
information about threats to and vulnerabilities in that
infrastructure and measures taken to protect it, remains secure, it
is necessary to limit the public's right of access to this
information.