California 2023-2024 Regular Session

California Senate Bill SB1000 Compare Versions

Version 1 (Old)

Version 2 (New)

Old	New		Differences
1		-	~~Amended IN Assembly June 24, 2024~~ Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Senate Bill No. 1000Introduced by Senators Ashby and RubioFebruary 01, 2024An act to add Chapter 35.5 (commencing with Section 22948.30) to Division 8 of the Business and Professions Code, and to amend Section 6320 of the Family Code, relating to connected devices.LEGISLATIVE COUNSEL'S DIGESTSB 1000, as amended, Ashby. Connected devices: device protection requests.Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.This bill would, commencing January 1, 2026, require an account manager, as defined, to terminate or disable a covered device or account access to a perpetrator, as defined, commencing no later than 2 days after a device protection request is submitted to the account manager by a survivor of that perpetrator, and would specify the requirements for a survivor to submit a device protection request and the requirements that an account manager make the request available, subject to specified exceptions. By providing that a survivor may include a copy of a signed affidavit to submit a device protection request, and thus expanding the crime of perjury, this bill would impose a state-mandated local program.This bill would require the account manager to notify the survivor of specified information and require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted by a survivor as confidential and securely dispose of the information, as provided.This bill would authorize enforcement of these provisions by injunction or civil penalty in any court action by any person injured by a violation of those provisions, the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor, against an account manager or perpetrator, as provided. The bill would prohibit a waiver of these prohibitions and would declare that these provisions are severable.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that meets specified requirements. This bill would require a requester ~~survivor~~ to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.This bill would provide that no reimbursement is required by this act for a specified reason.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: ~~NOYES~~ Local Program: ~~NOYES~~ Bill TextThe people of the State of California do enact as follows:SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse. ~~97 percent of domestic violence programs report that abusers misuse technology to stalk, harass, and control victims.~~(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. ~~address or enables a person~~ to remotely ~~obtain~~ data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d)(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.~~(h) Survivor means~~ an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account ~~or account means an account or other means by which a person enrolls~~ in ~~or obtains access to a connected device or online service.22948.31. (a) (1) Commencing no later than two business days after receiving a device protection~~ request ~~that meets the requirements of from a survivor pursuant to subdivision~~ (b)~~, an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)~~A device protection request shall include all of the following:(2) ~~After receiving a~~ device protection request ~~from a survivor pursuant to~~ subdivision (b)~~, a vehicle manufacturer~~ shall ~~immediately terminate or disable remote vehicle technology, as identified~~ in ~~the~~ request.(b) ~~In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all~~ of the following:(1) ~~A verification~~ that the perpetrator has committed or allegedly committed a covered act against the survivor or an individual in the survivors care, by providing either of the following:(A) A copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that ~~third party while acting in the third partys professional capacity to indicate~~ that ~~the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.~~(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.34.5. Notwithstanding any other provision of this chapter, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law, shall not be subject to this chapter.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.SEC. 3. Section 6320 of the Family Code is amended to read:6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.SEC. 4. No reimbursement is required by this act pursuant to Section 6 of Article XIIIB of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIIIB of the California Constitution.
	1	+	Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Senate Bill No. 1000Introduced by Senators Ashby and RubioFebruary 01, 2024An act to add Chapter 35.5 (commencing with Section 22948.30) to Division 8 of the Business and Professions Code, and to amend Section 6320 of the Family Code, relating to connected devices.LEGISLATIVE COUNSEL'S DIGESTSB 1000, as amended, Ashby. Connected devices: device protection requests.Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to.This to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester to submit a vehicle separation notice that meets specified requirements. This bill would require a requester to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NO Local Program: NO Bill TextThe people of the State of California do enact as follows:SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.SEC. 3. Section 6320 of the Family Code is amended to read:6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
2	2
3		-	~~Amended IN Assembly June 24, 2024~~ Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Senate Bill No. 1000Introduced by Senators Ashby and RubioFebruary 01, 2024An act to add Chapter 35.5 (commencing with Section 22948.30) to Division 8 of the Business and Professions Code, and to amend Section 6320 of the Family Code, relating to connected devices.LEGISLATIVE COUNSEL'S DIGESTSB 1000, as amended, Ashby. Connected devices: device protection requests.Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.This bill would, commencing January 1, 2026, require an account manager, as defined, to terminate or disable a covered device or account access to a perpetrator, as defined, commencing no later than 2 days after a device protection request is submitted to the account manager by a survivor of that perpetrator, and would specify the requirements for a survivor to submit a device protection request and the requirements that an account manager make the request available, subject to specified exceptions. By providing that a survivor may include a copy of a signed affidavit to submit a device protection request, and thus expanding the crime of perjury, this bill would impose a state-mandated local program.This bill would require the account manager to notify the survivor of specified information and require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted by a survivor as confidential and securely dispose of the information, as provided.This bill would authorize enforcement of these provisions by injunction or civil penalty in any court action by any person injured by a violation of those provisions, the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor, against an account manager or perpetrator, as provided. The bill would prohibit a waiver of these prohibitions and would declare that these provisions are severable.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that meets specified requirements. This bill would require a requester ~~survivor~~ to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.This bill would provide that no reimbursement is required by this act for a specified reason.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: ~~NOYES~~ Local Program: ~~NOYES~~
	3	+	Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024 CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION Senate Bill No. 1000Introduced by Senators Ashby and RubioFebruary 01, 2024An act to add Chapter 35.5 (commencing with Section 22948.30) to Division 8 of the Business and Professions Code, and to amend Section 6320 of the Family Code, relating to connected devices.LEGISLATIVE COUNSEL'S DIGESTSB 1000, as amended, Ashby. Connected devices: device protection requests.Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to.This to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester to submit a vehicle separation notice that meets specified requirements. This bill would require a requester to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.Digest Key Vote: MAJORITY Appropriation: NO Fiscal Committee: NO Local Program: NO
4	4
5		-	~~Amended IN Assembly June 24, 2024~~ Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024
	5	+	Amended IN Assembly June 20, 2024 Amended IN Senate May 16, 2024 Amended IN Senate April 25, 2024 Amended IN Senate March 13, 2024
6	6
7		-	Amended IN Assembly June 24, 2024
8	7		Amended IN Assembly June 20, 2024
9	8		Amended IN Senate May 16, 2024
10	9		Amended IN Senate April 25, 2024
11	10		Amended IN Senate March 13, 2024
12	11
13	12		CALIFORNIA LEGISLATURE 20232024 REGULAR SESSION
14	13
15	14		Senate Bill
16	15
17	16		No. 1000
18	17
19	18		Introduced by Senators Ashby and RubioFebruary 01, 2024
20	19
21	20		Introduced by Senators Ashby and Rubio
22	21		February 01, 2024
23	22
24	23		An act to add Chapter 35.5 (commencing with Section 22948.30) to Division 8 of the Business and Professions Code, and to amend Section 6320 of the Family Code, relating to connected devices.
25	24
26	25		LEGISLATIVE COUNSEL'S DIGEST
27	26
28	27		## LEGISLATIVE COUNSEL'S DIGEST
29	28
30	29		SB 1000, as amended, Ashby. Connected devices: device protection requests.
31	30
32		-	Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.This bill would, commencing January 1, 2026, require an account manager, as defined, to terminate or disable a covered device or account access to a perpetrator, as defined, commencing no later than 2 days after a device protection request is submitted to the account manager by a survivor of that perpetrator, and would specify the requirements for a survivor to submit a device protection request and the requirements that an account manager make the request available, subject to specified exceptions. By providing that a survivor may include a copy of a signed affidavit to submit a device protection request, and thus expanding the crime of perjury, this bill would impose a state-mandated local program.This bill would require the account manager to notify the survivor of specified information and require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted by a survivor as confidential and securely dispose of the information, as provided.This bill would authorize enforcement of these provisions by injunction or civil penalty in any court action by any person injured by a violation of those provisions, the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor, against an account manager or perpetrator, as provided. The bill would prohibit a waiver of these prohibitions and would declare that these provisions are severable.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that meets specified requirements. This bill would require a requester ~~survivor~~ to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.This bill would provide that no reimbursement is required by this act for a specified reason.
	31	+	Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to.This to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester to submit a vehicle separation notice that meets specified requirements. This bill would require a requester to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.
33	32
34	33		Existing law authorizes a court to issue a restraining order to a person to prevent abuse, as specified, based on reasonable proof of a past act or acts of abuse. Existing law authorizes the order to be issued solely on the affidavit or testimony of the person requesting the restraining order.
35	34
36	35		Existing law requires a manufacturer of a connected device to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and information contained in the device from unauthorized access, destruction, use, modification, or disclosure.
37	36
38		-	This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.
39		-
40		-
41		-
42		-	This bill would, commencing January 1, 2026, require an account manager, as defined, to terminate or disable a covered device or account access to a perpetrator, as defined, commencing no later than 2 days after a device protection request is submitted to the account manager by a survivor of that perpetrator, and would specify the requirements for a survivor to submit a device protection request and the requirements that an account manager make the request available, subject to specified exceptions. By providing that a survivor may include a copy of a signed affidavit to submit a device protection request, and thus expanding the crime of perjury, this bill would impose a state-mandated local program.
43		-
44		-	This bill would require the account manager to notify the survivor of specified information and require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted by a survivor as confidential and securely dispose of the information, as provided.
45		-
46		-	This bill would authorize enforcement of these provisions by injunction or civil penalty in any court action by any person injured by a violation of those provisions, the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor, against an account manager or perpetrator, as provided. The bill would prohibit a waiver of these prohibitions and would declare that these provisions are severable.
	37	+	This bill would, commencing January 1, 2026, require an account manager, as defined, to deny a person access to a connected device commencing no later than 2 days after a device protection request is submitted to the account manager, as provided, and would set forth the requirements on an account manager to make information about requests and the request process available. The bill would require a device protection request to include verification of the requesters exclusive legal possession or control of the connected device, as specified, and identification of the connected device and the person that the requester seeks to deny access to.This to. The bill would authorize an account manager to contact the requester or their representative to confirm that device access is denied or notify the requester that the request is incomplete. The bill would require an account manager and any officer, director, employee, vendor, or agent thereof to treat any information submitted as confidential and securely dispose of the information, as provided.
47	38
48	39		Existing law authorizes a court to issue an ex parte order for, among other things, disturbing the peace of the other party. Existing law provides that disturbing the peace of the other party may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, or other electronic technologies.
49	40
50	41		This bill would provide that, for purposes of those provisions, an internet-connected device includes a connected device as described in the bill.
51	42
52	43		Existing law establishes various privacy requirements applicable to vehicle manufacturers, including limitations on the usage of images or video recordings from in-vehicle cameras in new motor vehicles equipped standard with one or more in-vehicle cameras.
53	44
54		-	This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester survivor to submit a vehicle separation notice that meets specified requirements. This bill would require a requester survivor to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester survivor used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.
55		-
56		-	The California Constitution requires the state to reimburse local agencies and school districts for certain costs mandated by the state. Statutory provisions establish procedures for making that reimbursement.
57		-
58		-	This bill would provide that no reimbursement is required by this act for a specified reason.
	45	+	This bill would, among other things, require a vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology to do certain things, including ensuring that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle. The bill would require a vehicle manufacturer to offer secure remote means via the internet for a requester to submit a vehicle separation notice that meets specified requirements. This bill would require a requester to submit a vehicle separation notice through the secure remote means within 7 days of the date on which the requester used the method of manually disabling remote vehicle technology and would require the notice to include prescribed information.
59	46
60	47		## Digest Key
61	48
62	49		## Bill Text
63	50
64		-	The people of the State of California do enact as follows:SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse. ~~97 percent of domestic violence programs report that abusers misuse technology to stalk, harass, and control victims.~~(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. ~~address or enables a person~~ to remotely ~~obtain~~ data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d)(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.~~(h) Survivor means~~ an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account ~~or account means an account or other means by which a person enrolls~~ in ~~or obtains access to a connected device or online service.22948.31. (a) (1) Commencing no later than two business days after receiving a device protection~~ request ~~that meets the requirements of from a survivor pursuant to subdivision~~ (b)~~, an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)~~A device protection request shall include all of the following:(2) ~~After receiving a~~ device protection request ~~from a survivor pursuant to~~ subdivision (b)~~, a vehicle manufacturer~~ shall ~~immediately terminate or disable remote vehicle technology, as identified~~ in ~~the~~ request.(b) ~~In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all~~ of the following:(1) ~~A verification~~ that the perpetrator has committed or allegedly committed a covered act against the survivor or an individual in the survivors care, by providing either of the following:(A) A copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that ~~third party while acting in the third partys professional capacity to indicate~~ that ~~the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.~~(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.34.5. Notwithstanding any other provision of this chapter, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law, shall not be subject to this chapter.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.SEC. 3. Section 6320 of the Family Code is amended to read:6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.SEC. 4. No reimbursement is required by this act pursuant to Section 6 of Article XIIIB of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIIIB of the California Constitution.
	51	+	The people of the State of California do enact as follows:SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.SEC. 3. Section 6320 of the Family Code is amended to read:6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
65	52
66	53		The people of the State of California do enact as follows:
67	54
68	55		## The people of the State of California do enact as follows:
69	56
70		-	SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse~~. 97 percent of domestic violence programs report that abusers misuse technology to stalk, harass, and control victims~~.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.
	57	+	SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.
71	58
72		-	SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse~~. 97 percent of domestic violence programs report that abusers misuse technology to stalk, harass, and control victims~~.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.
	59	+	SECTION 1. The Legislature finds and declares all of the following:(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse.(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.
73	60
74	61		SECTION 1. The Legislature finds and declares all of the following:
75	62
76	63		### SECTION 1.
77	64
78	65		(a) According to the National Domestic Violence Hotline, almost one-half of all women and men in the United States have experienced psychological aggression by an intimate partner in their lifetime.
79	66
80		-	(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse. ~~97 percent of domestic violence programs report that abusers misuse technology to stalk, harass, and control victims.~~
	67	+	(b) According to the National Network to End Domestic Violence, 71 percent of domestic abusers monitor survivors device activities, and 63 percent of survivors receiving services from domestic violence programs reported tech-based abuse.
81	68
82	69		(c) An increase in the use of technology has become a concerning tool in cases of domestic violence and harassment. Perpetrators leverage smartphone applications to remotely control everyday objects to exercise control over, monitor, and abuse their victims.
83	70
84	71		(d) Domestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have lasting and harmful effects on individuals, families, and entire communities.
85	72
86	73		(e) Survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services.
87	74
88	75		(f) Laws related to the use of technology can play a public interest role in the promotion of safety, life, and property with respect to these types of violence and abuse. Independent access to devices can assist survivors in establishing security and autonomy.
89	76
90	77		(g) Safeguards within tech-based services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.
91	78
92		-	SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. ~~address or enables a person~~ to remotely ~~obtain~~ data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d)(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.~~(h) Survivor means~~ an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account ~~or account means an account or other means by which a person enrolls~~ in ~~or obtains access to a connected device or online service.22948.31. (a) (1) Commencing no later than two business days after receiving a device protection~~ request ~~that meets the requirements of from a survivor pursuant to subdivision~~ (b)~~, an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)~~A device protection request shall include all of the following:(2) ~~After receiving a~~ device protection request ~~from a survivor pursuant to~~ subdivision (b)~~, a vehicle manufacturer~~ shall ~~immediately terminate or disable remote vehicle technology, as identified~~ in ~~the~~ request.(b) ~~In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all~~ of the following:(1) ~~A verification~~ that the perpetrator has committed or allegedly committed a covered act against the survivor or an individual in the survivors care, by providing either of the following:(A) A copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that ~~third party while acting in the third partys professional capacity to indicate~~ that ~~the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.~~(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.~~34.5. Notwithstanding~~ any other provision of this chapter~~, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law,~~ shall not be subject to this chapter.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
	79	+	SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read: CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
93	80
94	81		SEC. 2. Chapter 35.5 (commencing with Section 22948.30) is added to Division 8 of the Business and Professions Code, to read:
95	82
96	83		### SEC. 2.
97	84
98		-	CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. ~~address or enables a person~~ to remotely ~~obtain~~ data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d)(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.~~(h) Survivor means~~ an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account ~~or account means an account or other means by which a person enrolls~~ in ~~or obtains access to a connected device or online service.22948.31. (a) (1) Commencing no later than two business days after receiving a device protection~~ request ~~that meets the requirements of from a survivor pursuant to subdivision~~ (b)~~, an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)~~A device protection request shall include all of the following:(2) ~~After receiving a~~ device protection request ~~from a survivor pursuant to~~ subdivision (b)~~, a vehicle manufacturer~~ shall ~~immediately terminate or disable remote vehicle technology, as identified~~ in ~~the~~ request.(b) ~~In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all~~ of the following:(1) ~~A verification that the perpetrator has committed or allegedly committed a covered act against the survivor or~~ an ~~individual~~ in the ~~survivors care, by providing either of the following:(A) A copy of a signed affidavit~~ from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that third party while acting in ~~the third partys professional capacity to indicate that the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.~~(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.~~34.5. Notwithstanding~~ any other provision of this chapter~~, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law,~~ shall not be subject to this chapter.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
	85	+	CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
99	86
100		-	CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. ~~address or enables a person~~ to remotely ~~obtain~~ data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d)(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.~~(h) Survivor means~~ an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account ~~or account means an account or other means by which a person enrolls~~ in ~~or obtains access to a connected device or online service.22948.31. (a) (1) Commencing no later than two business days after receiving a device protection~~ request ~~that meets the requirements of from a survivor pursuant to subdivision~~ (b)~~, an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)~~A device protection request shall include all of the following:(2) ~~After receiving a~~ device protection request ~~from a survivor pursuant to~~ subdivision (b)~~, a vehicle manufacturer~~ shall ~~immediately terminate or disable remote vehicle technology, as identified~~ in ~~the~~ request.(b) ~~In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all~~ of the following:(1) ~~A verification that the perpetrator has committed or allegedly committed a covered act against the survivor or~~ an ~~individual~~ in the ~~survivors care, by providing either of the following:(A) A copy of a signed affidavit~~ from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that third party while acting in ~~the third partys professional capacity to indicate that the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.~~(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.~~34.5. Notwithstanding~~ any other provision of this chapter~~, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law,~~ shall not be subject to this chapter.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
	87	+	CHAPTER 35.5. Connected Devices22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.22948.36. This chapter shall become operative on January 1, 2026.
101	88
102	89		CHAPTER 35.5. Connected Devices
103	90
104	91		CHAPTER 35.5. Connected Devices
105	92
106		-	22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. address or enables a person to remotely obtain data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.(c) (1) Covered act means conduct that constitutes any of the following:(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).(D) Domestic violence, as defined in Section 6211 of the Family Code.(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act. (c)(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor. (d~~)(g~~) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.(h) Survivor means an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.(i) User account or account means an account or other means by which a person enrolls in or obtains access to a connected device or online service.
	93	+	22948.30. For purposes of this chapter, the following definitions apply: (a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. (c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:(1) A Global Positioning System (GPS).(2) An app-based technology.(3) Any other remote wireless connectivity technology.
107	94
108	95
109	96
110	97		22948.30. For purposes of this chapter, the following definitions apply:
111	98
112	99		(a) Account manager means a person or entity that provides an individual an internet-based or app-based user account, or a third party that manages those user accounts on behalf of that person or entity, that has authority to make decisions regarding user access to those user accounts.
113	100
114		-	(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address. address or enables a person to remotely obtain data from or send commands to a connected device or account, which may be accomplished through a software application that is designed to be operated on a mobile device, computer, or other technology.
	101	+	(b) Connected device means any device, or other physical object that is capable of connecting to the internet, directly or indirectly, and that is assigned an internet protocol address or Bluetooth address.
115	102
116		-	(c) ~~(1) Covered act~~ means ~~conduct~~ that ~~constitutes any of the following:~~
	103	+	(c) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.
117	104
118		-	(A) A crime described in Chapter 8 (commencing with Section 236) of Title 8 of Part 1 of the Penal Code.
119		-
120		-	(B) A crime described in Chapter 1 (commencing with Section 261), Chapter 2 (commencing with Section 270), Chapter 2.5 (commencing with Section 273.8), Chapter 4 (commencing with Section 277), Chapter 5 (commencing with Section 281), Chapter 5.5 (commencing with Section 290), Chapter 7.5 (commencing with Section 311), Chapter 7.6 (commencing with Section 313), or Chapter 8 (commencing with Section 314) of Title 9 of Part 1 of the Penal Code.
121		-
122		-	(C) An act under federal law, tribal law, or the Uniform Code of Military Justice that is similar to an offense described in subparagraph (A) or (B).
123		-
124		-	(D) Domestic violence, as defined in Section 6211 of the Family Code.
125		-
126		-	(E) A misdemeanor described in subdivision (e) of Section 243 of the Penal Code.
127		-
128		-	(2) Nothing in paragraph (1) shall be construed to require a criminal conviction or any other determination of a court in order for conduct to constitute a covered act.
129		-
130		-	(c)
131		-
132		-
133		-
134		-	(d) Device access means the ability to remotely control a connected device, remotely change the characteristics of a connected device, or remotely view or manipulate data collected by or through a connected device, by accessing a user account or accounts associated with the connected device. Acts that require device access include, but are not limited to, remotely manipulating an audio system, security system, light fixture, or other home appliance or fixture and accessing camera or location data from a motor vehicle.
135		-
136		-	(e) Device protection request means a request by a survivor to terminate or disable a perpetrators access to a connected device or account, including, but is not limited to, the ability of a person to obtain data from or send commands to a connected device or account.
137		-
138		-	(f) Perpetrator means an individual who has committed or allegedly committed a covered act against a survivor or an individual under the care of a survivor.
139		-
140		-	(d)
141		-
142		-
143		-
144		-	(g) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:
	105	+	(d) Remote vehicle technology means any technology that allows a person who is outside of a vehicle to access the activity, track the location, or control any operation of the vehicle or its parts, that includes, but is not limited to, any of the following:
145	106
146	107		(1) A Global Positioning System (GPS).
147	108
148	109		(2) An app-based technology.
149	110
150	111		(3) Any other remote wireless connectivity technology.
151	112
152		-	(h) Survivor means an individual who has had a covered act committed, or allegedly committed, against the individual, or who cares for another individual against whom a covered act has been committed or allegedly committed, provided that the individual providing care did not commit or allegedly commit the covered act.
153		-
154		-	(i) User account or account means an account or other means by which a person enrolls in or obtains access to a connected device or online service.
155		-
156		-	22948.31. (a) (1) Commencing no later than two business days after receiving a device protection request that meets the requirements of from a survivor pursuant to subdivision (b), an account manager shall deny a persons device access, terminate or disable a connected device or account access to a perpetrator, as identified in the request.(b)A device protection request shall include all of the following:(2) After receiving a device protection request from a survivor pursuant to subdivision (b), a vehicle manufacturer shall immediately terminate or disable remote vehicle technology, as identified in the request.(b) In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all of the following:(1) A verification that the perpetrator has committed or allegedly committed a covered act against the survivor or an individual in the survivors care, by providing either of the following:(A) A copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that third party while acting in the third partys professional capacity to indicate that the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime. (1)(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.(2)(3) Identification of the connected device or devices.(3)(4) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e)The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(e) An account manager shall notify the survivor of both of the following:(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. person who has device access that is not the survivor.(3) A prohibition or limitation on the ability to deny device access to a perpetrator as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted by a survivor under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that arequester survivor fulfilled the conditions of a device protection request under subdivision (b).
	113	+	22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.(b) A device protection request shall include all of the following:(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.(2) Identification of the connected device or devices.(3) Identification of the person that the requester seeks to deny device access.(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager. (e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:(1) Payment of a fee, penalty, or other charge.(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.(5) Any other limitation or requirement not listed under subdivision (b).(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).
157	114
158	115
159	116
160		-	22948.31. (a~~) (1~~) Commencing no later than two business days after receiving a device protection request that meets the requirements of ~~from a survivor pursuant to~~ subdivision (b), an account manager shall deny a persons device access, ~~terminate or disable a connected device or account access to a perpetrator,~~ as identified in the request.
	117	+	22948.31. (a) Commencing no later than two business days after receiving a device protection request that meets the requirements of subdivision (b), an account manager shall deny a persons device access, as identified in the request.
161	118
162	119		(b) A device protection request shall include all of the following:
163	120
	121	+	(1) Verification of the requesters exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters exclusive use care, possession, or control of the connected device.
164	122
	123	+	(2) Identification of the connected device or devices.
165	124
166		-	(2) ~~After receiving a~~ device ~~protection request from a survivor pursuant to subdivision (b), a vehicle manufacturer shall immediately terminate or disable remote vehicle technology, as identified in the request~~.
	125	+	(3) Identification of the person that the requester seeks to deny device access.
167	126
168		-	(b) In the case of a survivor seeking to deny a perpetrator device access, the survivor shall submit to the account manager a device protection request that includes all of the following:
169		-
170		-	(1) A verification that the perpetrator has committed or allegedly committed a covered act against the survivor or an individual in the survivors care, by providing either of the following:
171		-
172		-	(A) A copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, temporary restraining order, emergency protective order, or protective order lawfully issued pursuant to Section 527.6 of the Code of Civil Procedure, Part 3 (commencing with Section 6240) or Part 4 (commencing with Section 6300) of Division 10 of the Family Code, or Section 136.2 of the Penal Code, documentation from a qualified third party based on information received by that third party while acting in the third partys professional capacity to indicate that the individual is seeking assistance for physical or mental injuries or abuse resulting from an act or crime.
173		-
174		-	(B) A copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. A copy of a written report by a peace officer employed by a state or local law enforcement agency acting in the peace officers official capacity stating that the individual has filed a report alleging victimization of an act or crime.
175		-
176		-	(1)
177		-
178		-
179		-
180		-	(2) Verification of the requesters survivors exclusive legal possession or control of the connected device, including, but not limited to, a dissolution decree, temporary restraining order, protective order, domestic violence restraining order, or other document indicating the requesters survivors exclusive use care, possession, or control of the connected device.
181		-
182		-	(2)
183		-
184		-
185		-
186		-	(3) Identification of the connected device or devices.
187		-
188		-	(3)
189		-
190		-
191		-
192		-	(4) Identification of the person that the requester seeks to deny device access.
193		-
194		-	(c) An account manager shall offer a survivor the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.
	127	+	(c) An account manager shall offer the ability to submit a device protection request under subdivision (b) through secure remote means that are easily navigable. Except as specified under subdivision (b), an account manager shall not require a specific form of documentation to submit a device protection request.
195	128
196	129		(d) An account manager shall make information about the options and process described in subdivision (b) publicly available on the internet website and mobile application, if applicable, of the account manager.
197	130
198	131		(e) The account manager may contact the requester or their designated representative to confirm that device access is denied, or to notify the requester that the device protection request is incomplete.
199	132
200		-
201		-
202		-	(e) An account manager shall notify the survivor of both of the following:
203		-
204		-	(1) The date on which the account manager intends to give any formal notice to the perpetrator that has had their device access denied.
205		-
206		-	(2) That the account manager may contact the survivor, or designated representative of the survivor, to confirm that the perpetrators device access is denied, or to notify the survivor that the device protection request is incomplete.
207		-
208	133		(f) An account manager shall not condition a device protection request submitted in accordance with subdivision (b) upon any of the following:
209	134
210	135		(1) Payment of a fee, penalty, or other charge.
211	136
212		-	(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device. ~~person who has device access that is not the survivor.~~
	137	+	(2) Approval of the device protection request by any other person who is not a legal owner or in legal possession of the device.
213	138
214		-	(3) A prohibition or limitation on the ability to deny device access ~~to a perpetrator~~ as a result of arrears accrued by the account or associated with the connected device.
	139	+	(3) A prohibition or limitation on the ability to deny device access as a result of arrears accrued by the account or associated with the connected device.
215	140
216	141		(4) An increase in the rate charged for the account if any subscription fee or other recurring charge for account access applies.
217	142
218	143		(5) Any other limitation or requirement not listed under subdivision (b).
219	144
220		-	(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted ~~by a survivor~~ under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.
	145	+	(g) (1) An account manager and any officer, director, employee, vendor, or agent thereof shall treat any information submitted under this section as confidential and securely dispose of the information not later than 90 days after receiving the information.
221	146
222		-	(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that ~~arequester survivor~~ fulfilled the conditions of a device protection request under subdivision (b).
	147	+	(2) Nothing in paragraph (1) shall be construed to prohibit an account manager from maintaining, for longer than the period specified in that paragraph, a record that verifies that a requester fulfilled the conditions of a device protection request under subdivision (b).
223	148
224		-	22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.
225		-
226		-
227		-
228		-	22948.31.5. (a) (1) An account manager that fails to deny a perpetrator access in compliance with subdivision (a) of Section 22948.31 or otherwise does not comply with the requirements described in Section 22948.31 shall be deemed in violation of this chapter.
229		-
230		-	(2) A perpetrator that maintains or exercises device access, including by disturbing the peace of the other party, as described in subdivision (c) of Section 6320 of the Family Code, despite having their device access denied pursuant to subdivision (a) of Section 22948.31, shall be deemed in violation of this chapter.
231		-
232		-	(b) (1) Actions for relief pursuant to this chapter may be prosecuted exclusively in a court of competent jurisdiction in a civil action brought by any person injured by the violation or in the name of the people of the State of California by the Attorney General, a district attorney, county counsel, a city attorney or a city prosecutor.
233		-
234		-	(2) A court may enjoin a person or entity who engages, has engaged, or proposes to engage in a violation of this chapter. The court may make any orders or judgments as may be necessary to prevent a violation of this chapter.
235		-
236		-	(3) A person or entity who engages, has engaged, or proposes to engage in a violation of this chapter shall be liable for a civil penalty not to exceed two thousand five hundred dollars ($2,500) for each connected device in violation of this chapter. If the action is brought by the Attorney General, the penalty shall be deposited into the General Fund. If the action is brought by a district attorney or county counsel, the penalty shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, the penalty shall be paid to the treasurer of the city in which the judgment was entered. If the action is brought by a person injured by the violation, the penalty shall be awarded to that person.
237		-
238		-	22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester survivor to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester survivor has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester survivor shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester survivor used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester survivor or an individual in the requesters survivors care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).
	149	+	22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:(A) A licensed medical or mental health care provider.(B) A licensed military medical or mental health care provider.(C) A licensed social worker.(D) A victim services provider.(E) A licensed military victim services provider.(2) A copy of any of the following documents:(A) A police report.(B) A statement provided by the police, including military police, to a magistrate judge or other judge.(C) A charging document.(D) A protective or restraining order, including military protective orders.(E) Any other relevant document that is an official record.(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).
239	150
240	151
241	152
242	153		22948.32. (a) A vehicle manufacturer that offers a vehicle for sale, rent, or lease in the state that includes remote vehicle technology shall do all of the following:
243	154
244	155		(1) Ensure that the remote vehicle technology can be immediately manually disabled by a driver of the vehicle while that driver is inside the vehicle by a method that meets all of the following criteria:
245	156
246	157		(A) The method of manually disabling the remote vehicle technology is prominently located and easy to use and does not require access to a remote, online application.
247	158
248	159		(B) Upon its use, the method of manually disabling the remote vehicle technology informs the user of the requirements of subdivision (b).
249	160
250	161		(C) The method of manually disabling the remote vehicle technology does not require a password or any login information.
251	162
252	163		(D) Upon its use, the method of manually disabling the remote vehicle technology does not result in the remote vehicle technology, vehicle manufacturer, or a third-party service provider sending to the registered owner of the car an email, telephone call, or any other notification related to the remote vehicle technology being disabled.
253	164
254	165		(E) Upon its use, the method of manually disabling the remote vehicle technology causes the remote vehicle technology to be disabled for a minimum of seven days and capable of being reenabled only by the vehicle manufacturer pursuant to paragraph (4).
255	166
256		-	(2) Offer secure remote means via the internet for a requester ~~survivor~~ to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.
	167	+	(2) Offer secure remote means via the internet for a requester to submit a vehicle separation notice that includes a prominent link on the vehicle manufacturers internet website.
257	168
258	169		(3) Upon request, reset the remote vehicle technology with a new secure account and delete all data from the original account.
259	170
260		-	(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester ~~survivor~~ has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.
	171	+	(4) Reenable the remote vehicle technology only if the registered owner of the car notifies the manufacturer that the remote vehicle technology was disabled in error, and a requester has not contacted the vehicle manufacturer to provide the information required by subdivision (b) within seven days of the remote vehicle technology being disabled.
261	172
262		-	(b) A requester ~~survivor~~ shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester ~~survivor~~ used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester ~~survivor~~ or an individual in the requesters ~~survivors~~ care:
	173	+	(b) A requester shall submit a vehicle separation notice to a vehicle manufacturer through the means provided by the vehicle manufacturer pursuant to paragraph (2) of subdivision (a) within seven days of the date on which the requester used the method of manually disabling remote vehicle technology required by subdivision (a), which shall include the vehicle identification number of the vehicle and a copy of either of the following documents that supports that the perpetrator has committed, or allegedly committed, a covered act against the requester or an individual in the requesters care:
263	174
264	175		(1) A signed affidavit from any of the following individuals acting within the scope of that persons employment:
265	176
266	177		(A) A licensed medical or mental health care provider.
267	178
268	179		(B) A licensed military medical or mental health care provider.
269	180
270	181		(C) A licensed social worker.
271	182
272	183		(D) A victim services provider.
273	184
274	185		(E) A licensed military victim services provider.
275	186
276	187		(2) A copy of any of the following documents:
277	188
278	189		(A) A police report.
279	190
280	191		(B) A statement provided by the police, including military police, to a magistrate judge or other judge.
281	192
282	193		(C) A charging document.
283	194
284	195		(D) A protective or restraining order, including military protective orders.
285	196
286	197		(E) Any other relevant document that is an official record.
287	198
288	199		(c) Only if, for technological reasons, a vehicle manufacturer is unable to comply with paragraph (1) of subdivision (a), the vehicle manufacturer shall disable remote vehicle technology within one business day after receiving a request that includes the information required by subdivision (b) and is submitted pursuant to the mechanism required by subdivision (a).
289	200
290	201		22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.
291	202
292	203
293	204
294	205		22948.33. Any waiver of the provisions of this chapter is contrary to public policy and void and unenforceable.
295	206
296	207		22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.
297	208
298	209
299	210
300	211		22948.34. (a) The duties and obligations imposed by this chapter are cumulative with any other duties or obligations imposed under other law, and shall not be construed to relieve any party from any duties or obligations imposed under other law.
301	212
302	213		(b) The remedies or penalties provided by this chapter are cumulative to each other and to the remedies or penalties available under all other laws of the state.
303		-
304		-	22948.34.5. Notwithstanding any other provision of this chapter, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law, shall not be subject to this chapter.
305		-
306		-
307		-
308		-	22948.34.5. Notwithstanding any other provision of this chapter, any entity that is subject to the federal Safe Connections Act of 2022 (Public Law 117-223) or regulations of the Federal Communications Commission adopted pursuant to the authority of that law, shall not be subject to this chapter.
309	214
310	215		22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.
311	216
312	217
313	218
314	219		22948.35. The provisions of this chapter are severable. If any provision of this chapter or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.
315	220
316	221		22948.36. This chapter shall become operative on January 1, 2026.
317	222
318	223
319	224
320	225		22948.36. This chapter shall become operative on January 1, 2026.
321	226
322	227		SEC. 3. Section 6320 of the Family Code is amended to read:6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
323	228
324	229		SEC. 3. Section 6320 of the Family Code is amended to read:
325	230
326	231		### SEC. 3.
327	232
328	233		6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
329	234
330	235		6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
331	236
332	237		6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:(1) Isolating the other party from friends, relatives, or other sources of support.(2) Depriving the other party of basic necessities.(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.(d) This section does not limit any remedies available under this act or any other provision of law.
333	238
334	239
335	240
336	241		6320. (a) The court may issue an ex parte order enjoining a party from molesting, attacking, striking, stalking, threatening, sexually assaulting, battering, credibly impersonating as described in Section 528.5 of the Penal Code, falsely personating as described in Section 529 of the Penal Code, harassing, telephoning, including, but not limited to, making annoying telephone calls as described in Section 653m of the Penal Code, destroying personal property, contacting, either directly or indirectly, by mail or otherwise, coming within a specified distance of, or disturbing the peace of the other party, and, in the discretion of the court, on a showing of good cause, of other named family or household members.
337	242
338	243		(b) On a showing of good cause, the court may include in a protective order a grant to the petitioner of the exclusive care, possession, or control of any animal owned, possessed, leased, kept, or held by either the petitioner or the respondent or a minor child residing in the residence or household of either the petitioner or the respondent. The court may order the respondent to stay away from the animal and forbid the respondent from taking, transferring, encumbering, concealing, molesting, attacking, striking, threatening, harming, or otherwise disposing of the animal.
339	244
340	245		(c) As used in this subdivision (a), disturbing the peace of the other party refers to conduct that, based on the totality of the circumstances, destroys the mental or emotional calm of the other party. This conduct may be committed directly or indirectly, including through the use of a third party, and by any method or through any means including, but not limited to, telephone, online accounts, text messages, internet-connected devices, including connected devices as defined in Section 22948.30 of the Business and Professions Code, or other electronic technologies. This conduct includes, but is not limited to, coercive control, which is a pattern of behavior that in purpose or effect unreasonably interferes with a persons free will and personal liberty. Examples of coercive control include, but are not limited to, unreasonably engaging in any of the following:
341	246
342	247		(1) Isolating the other party from friends, relatives, or other sources of support.
343	248
344	249		(2) Depriving the other party of basic necessities.
345	250
346	251		(3) Controlling, regulating, or monitoring the other partys movements, communications, daily behavior, finances, economic resources, or access to services.
347	252
348	253		(4) Compelling the other party by force, threat of force, or intimidation, including threats based on actual or suspected immigration status, to engage in conduct from which the other party has a right to abstain or to abstain from conduct in which the other party has a right to engage.
349	254
350	255		(5) Engaging in reproductive coercion, which consists of control over the reproductive autonomy of another through force, threat of force, or intimidation, and may include, but is not limited to, unreasonably pressuring the other party to become pregnant, deliberately interfering with contraception use or access to reproductive health information, or using coercive tactics to control, or attempt to control, pregnancy outcomes.
351	256
352	257		(d) This section does not limit any remedies available under this act or any other provision of law.
353		-
354		-	SEC. 4. No reimbursement is required by this act pursuant to Section 6 of Article XIIIB of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIIIB of the California Constitution.
355		-
356		-	SEC. 4. No reimbursement is required by this act pursuant to Section 6 of Article XIIIB of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIIIB of the California Constitution.
357		-
358		-	SEC. 4. No reimbursement is required by this act pursuant to Section 6 of Article XIIIB of the California Constitution because the only costs that may be incurred by a local agency or school district will be incurred because this act creates a new crime or infraction, eliminates a crime or infraction, or changes the penalty for a crime or infraction, within the meaning of Section 17556 of the Government Code, or changes the definition of a crime within the meaning of Section 6 of Article XIIIB of the California Constitution.
359		-
360		-	### SEC. 4.