CALIFORNIA LEGISLATURE 20172018 REGULAR SESSION Assembly Bill No. 1634Introduced by Assembly Member KileyFebruary 17, 2017 An act to amend Section 1798.79 of the Civil Code, relating to privacy. LEGISLATIVE COUNSEL'S DIGESTAB 1634, as introduced, Kiley. Privacy.Under existing law, it is a misdemeanor for a person or entity to intentionally remotely read or attempt to remotely read a persons identification document using radio frequency information without that persons knowledge or prior consent, subject to certain exceptions. For a violation of these provisions, existing law prescribes imprisonment in county jail for up to one year, a fine of not more than $1,500, or both fine and imprisonment. This bill would make a nonsubstantive change to these provisions.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NO Local Program: NO Bill TextThe people of the State of California do enact as follows:SECTION 1. Section 1798.79 of the Civil Code is amended to read:1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
CALIFORNIA LEGISLATURE 20172018 REGULAR SESSION Assembly Bill No. 1634Introduced by Assembly Member KileyFebruary 17, 2017 An act to amend Section 1798.79 of the Civil Code, relating to privacy. LEGISLATIVE COUNSEL'S DIGESTAB 1634, as introduced, Kiley. Privacy.Under existing law, it is a misdemeanor for a person or entity to intentionally remotely read or attempt to remotely read a persons identification document using radio frequency information without that persons knowledge or prior consent, subject to certain exceptions. For a violation of these provisions, existing law prescribes imprisonment in county jail for up to one year, a fine of not more than $1,500, or both fine and imprisonment. This bill would make a nonsubstantive change to these provisions.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NO Local Program: NO
CALIFORNIA LEGISLATURE 20172018 REGULAR SESSION
Assembly Bill No. 1634
Introduced by Assembly Member KileyFebruary 17, 2017
Introduced by Assembly Member Kiley
February 17, 2017
An act to amend Section 1798.79 of the Civil Code, relating to privacy.
LEGISLATIVE COUNSEL'S DIGEST
## LEGISLATIVE COUNSEL'S DIGEST
AB 1634, as introduced, Kiley. Privacy.
Under existing law, it is a misdemeanor for a person or entity to intentionally remotely read or attempt to remotely read a persons identification document using radio frequency information without that persons knowledge or prior consent, subject to certain exceptions. For a violation of these provisions, existing law prescribes imprisonment in county jail for up to one year, a fine of not more than $1,500, or both fine and imprisonment. This bill would make a nonsubstantive change to these provisions.
Under existing law, it is a misdemeanor for a person or entity to intentionally remotely read or attempt to remotely read a persons identification document using radio frequency information without that persons knowledge or prior consent, subject to certain exceptions. For a violation of these provisions, existing law prescribes imprisonment in county jail for up to one year, a fine of not more than $1,500, or both fine and imprisonment.
This bill would make a nonsubstantive change to these provisions.
## Digest Key
## Bill Text
The people of the State of California do enact as follows:SECTION 1. Section 1798.79 of the Civil Code is amended to read:1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
The people of the State of California do enact as follows:
## The people of the State of California do enact as follows:
SECTION 1. Section 1798.79 of the Civil Code is amended to read:1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
SECTION 1. Section 1798.79 of the Civil Code is amended to read:
### SECTION 1.
1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.(c) Subdivision (a) shall not apply to:(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.
1798.79. (a) Except as provided in this section, a person or entity that intentionally remotely reads or attempts to remotely read a persons identification document using radio frequency identification (RFID), identification, for the purpose of reading that persons identification document without that persons knowledge and prior consent, shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.
(b) A person or entity that knowingly discloses, or causes to be disclosed, the operational system keys used in a contactless identification document system shall be punished by imprisonment in a county jail for up to one year, a fine of not more than one thousand five hundred dollars ($1,500), or both that fine and imprisonment.
(c) Subdivision (a) shall not apply to:
(1) The reading of a persons identification document for triage or medical care during a disaster and immediate hospitalization or immediate outpatient care directly related to a disaster, as defined by the local emergency medical services agency organized under Section 1797.200 of the Health and Safety Code.
(2) The reading of a persons identification document by a health care professional for reasons relating to the health or safety of that person or an identification document issued to a patient by emergency services.
(3) The reading of an identification document of a person who is incarcerated in the state prison or a county jail, detained in a juvenile facility operated by the Division of Juvenile Facilities in the Department of Corrections and Rehabilitation, or housed in a mental health facility, pursuant to a court order after having been charged with a crime, or to a person pursuant to a court-ordered electronic monitoring.
(4) Law enforcement or government personnel who need to read a lost identification document when the owner is unavailable for notice, knowledge, or consent, or those parties specifically authorized by law enforcement or government personnel for the limited purpose of reading a lost identification document when the owner is unavailable for notice, knowledge, or consent.
(5) Law enforcement personnel who need to read a persons identification document after an accident in which the person is unavailable for notice, knowledge, or consent.
(6) Law enforcement personnel who need to read a persons identification document pursuant to a search warrant.
(d) Subdivision (a) shall not apply to a person or entity that unintentionally remotely reads a persons identification document using RFID in the course of operating a contactless identification document system unless it knows it unintentionally read the document and thereafter intentionally does any of the following acts:
(1) Discloses what it read to a third party whose purpose is to read a persons identification document, or any information derived therefrom, without that persons knowledge and consent.
(2) Stores what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.
(3) Uses what it read for the purpose of reading a persons identification document, or any information derived therefrom, without that persons knowledge and prior consent.
(e) Subdivisions (a) and (b) shall not apply to the reading, storage, use, or disclosure to a third party of a persons identification document, or information derived therefrom, in the course of an act of good faith security research, experimentation, or scientific inquiry, including, but not limited to, activities useful in identifying and analyzing security flaws and vulnerabilities.
(f) Nothing in this section shall affect the existing rights of law enforcement to access data stored electronically on drivers licenses.
(g) The penalties set forth in subdivisions (a) and (b) are independent of, and do not supersede, any other penalties provided by state law, and in the case of any conflict, the greater penalties shall apply.