WeVote

Bill

Bill

SB 435

California Consumer Privacy Act of 2018: sensitive personal information.

2025-2026 Regular Session Introduced by Mia Bonta and 1 co-sponsor

SB 435 expands California CCPA protections by broadening sensitive personal information definitions, requiring stricter business data handling and consumer consent practices.

Coauthors revised.
0
WeVote Research Nonpartisan
Bill Summary · SB 435

Legislative bill overview

SB 435 proposes amendments to California's Consumer Privacy Act (CCPA) to expand protections for "sensitive personal information," likely adding new categories of data that receive heightened privacy safeguards. The bill has faced procedural challenges, failing committee passage in July 2025 but receiving reconsideration.

Why is this important

The CCPA already grants California consumers significant privacy rights, and expanding "sensitive" data classifications would require businesses to implement stricter controls, obtain explicit consent, and limit data use—affecting compliance costs for companies and potentially strengthening consumer protections. This reflects ongoing tension between privacy advocacy and business operational concerns as data privacy regulations evolve.

Potential points of contention

  • Definitional scope: Disagreement over which data categories qualify as "sensitive" (health records, biometric data, financial information, behavioral data) affects compliance burden and business feasibility
  • Business compliance costs: Broader definitions require more expensive data security, consent mechanisms, and operational changes, particularly challenging for small businesses
  • Consumer utility vs. privacy: Expanded restrictions may limit beneficial uses of data (targeted healthcare, fraud prevention, personalized services) while protecting privacy

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.