California Public Records Act: cyberattacks.
- Allows agencies to extend public records request deadlines when cyberattacks prevent access to electronic records.
- Requires state emergencies to directly impact an agency's ability to process records requests for deadline extensions.
- Limits deadline extensions to only the duration of system outages caused by cyberattacks.
- Maintains agencies' obligation to provide non-electronic records even during cyberattacks.
Assembly Member Carrillo's amendment to the California Public Records Act modifies how state and local agencies may extend their response times to public records requests when facing cyberattacks or emergencies. The legislation adds cyberattacks as an "unusual circumstance" that permits agencies to extend their standard 10-day response period by up to 14 days when electronic systems are inaccessible.
The amendment narrows the existing emergency provisions by requiring that a state of emergency must "directly affect" an agency's ability to respond to requests due to staffing shortages or facility closures. This extension applies only to records maintained on affected electronic systems and remains in effect only until agencies regain system access. Agencies must still process requests for records stored in other formats or locations unaffected by the cyberattack.
For state emergencies, the bill maintains the current 14-day maximum extension period but adds the requirement that the emergency must have a direct impact on agency operations through either staffing limitations or facility closures. The provisions exclude requests for records created during and related to the declared emergency, preserving timely access to emergency-related documentation.
 Juan CarrilloD Assemblymember | Bill Author |  Not Contacted |
Email the authors or create an email template to send to all relevant legislators.
Introduced By
Latest Voting History
| Ayes | Noes | NVR | Total | Result |
|---|---|---|---|---|
| 35 | 0 | 5 | 40 | PASS |
- Allows agencies to extend public records request deadlines when cyberattacks prevent access to electronic records.
- Requires state emergencies to directly impact an agency's ability to process records requests for deadline extensions.
- Limits deadline extensions to only the duration of system outages caused by cyberattacks.
- Maintains agencies' obligation to provide non-electronic records even during cyberattacks.
Email the authors or create an email template to send to all relevant legislators.
Introduced By
Assembly Member Carrillo's amendment to the California Public Records Act modifies how state and local agencies may extend their response times to public records requests when facing cyberattacks or emergencies. The legislation adds cyberattacks as an "unusual circumstance" that permits agencies to extend their standard 10-day response period by up to 14 days when electronic systems are inaccessible.
The amendment narrows the existing emergency provisions by requiring that a state of emergency must "directly affect" an agency's ability to respond to requests due to staffing shortages or facility closures. This extension applies only to records maintained on affected electronic systems and remains in effect only until agencies regain system access. Agencies must still process requests for records stored in other formats or locations unaffected by the cyberattack.
For state emergencies, the bill maintains the current 14-day maximum extension period but adds the requirement that the emergency must have a direct impact on agency operations through either staffing limitations or facility closures. The provisions exclude requests for records created during and related to the declared emergency, preserving timely access to emergency-related documentation.
Latest Voting History
| Ayes | Noes | NVR | Total | Result |
|---|---|---|---|---|
| 35 | 0 | 5 | 40 | PASS |
Juan CarrilloD Assemblymember | Bill Author | Not Contacted |