(a) Except as otherwise provided in this section, a
transportation agency may not sell or otherwise provide to any other
person or entity personally identifiable information of any person
who subscribes to an electronic toll or electronic transit fare
collection system or who uses a toll bridge, toll lane, or toll
highway that employs an electronic toll collection system.
(b) A transportation agency that employs an electronic toll
collection or an electronic transit fare collection system shall
establish a privacy policy regarding the collection and use of
personally identifiable information and provide to subscribers of
that system a copy of the privacy policy in a manner that is
conspicuous and meaningful, such as by providing a copy to the
subscriber with the transponder, electronic transit pass, or other
device used as an electronic toll or transit fare collection
mechanism, or, if the system does not use a mechanism, with the
application materials. A transportation agency shall conspicuously
post its privacy policy on its Internet Web site. For purposes of
this subdivision, "conspicuously post" has the same meaning as that
term is defined in paragraphs (1) to (4), inclusive, of subdivision
(b) of Section 22577 of the Business and Professions Code. The policy
shall include, but need not be limited to, a description of the
following:
(1) The types of personally identifiable information that is
collected by the agency.
(2) The categories of third-party persons or entities with whom
the agency may share personally identifiable information.
(3) The process by which a transportation agency notifies
subscribers of material changes to its privacy policy.
(4) The effective date of the privacy policy.
(5) The process by which a subscriber may review and request
changes to any of his or her personally identifiable information.
(c) A transportation agency may, within practical business and
cost constraints, store only personally identifiable information of a
person such as, to the extent applicable, the account name, credit
card number, billing address, vehicle information, and other basic
account information required to perform account functions such as
billing, account settlement, or enforcement activities. All other
information shall be discarded no more than four years and six months
after the billing cycle has concluded, the bill has been paid, and
all toll or fare violations, if applicable, have been resolved.
(d) A transportation agency shall make every effort, within
practical business and cost constraints, to purge the personal
account information of an account that is closed or terminated. In no
case shall a transportation agency maintain personal information
more than four years and six months after the date an account is
closed or terminated.
(e) (1) A transportation agency may make personally identifiable
information of a person available to a law enforcement agency only
pursuant to a search warrant. Absent a provision in the search
warrant to the contrary, the law enforcement agency shall
immediately, but in any event within no more than five days, notify
the person that his or her records have been obtained and shall
provide the person with a copy of the search warrant and the identity
of the law enforcement agency or peace officer to whom the records
were provided.
(2) This section does not prohibit a peace officer, as defined in
Section 830.1 or 830.2 of the Penal Code, when conducting a criminal
or traffic collision investigation, from obtaining personally
identifiable information of a person if the officer has good cause to
believe that a delay in obtaining this information by seeking a
search warrant would cause an adverse result, as defined in
subparagraphs (A) to (E), inclusive, of paragraph (2) of subdivision
(a) of Section 1524.2 of the Penal Code.
(f) This section does not prohibit a transportation agency in
subdivision (a) from providing aggregated traveler information
derived from collective data that relates to a group or category of
persons from which personally identifiable information has been
removed.
(g) This section does not prohibit a transportation agency, with
respect to an electronic toll collection system, from providing the
license plate number of an intermodal chassis to the owner of the
chassis for purposes of locating the driver of the chassis in the
event the driver fails to pay a toll.
(h) This section, with respect to an electronic toll collection
system, does not prohibit a transportation agency from sharing data
with another transportation agency solely to comply with
interoperability specifications and standards adopted pursuant to
Section 27565 regarding electronic toll collection devices and
technologies. A third-party vendor may not use personally
identifiable information obtained under this subdivision for a
purpose other than described in this subdivision.
(i) Subdivision (d) shall not prohibit a transportation agency, or
its designee, from performing financial and accounting functions
such as billing, account settlement, enforcement, or other financial
activities required to operate and manage the electronic toll
collection system or transit fare collection system. This section,
with respect to electronic transit fare collection systems, does not
prohibit the sharing of data between transportation agencies for the
purpose of interoperability between those agencies. A third-party
vendor may not use personally identifiable information obtained under
this subdivision for a purpose other than as described in this
subdivision.
(j) This section does not prohibit a transportation agency from
communicating, either directly or through a contracted third-party
vendor, to subscribers of an electronic toll collection system or an
electronic transit fare collection system about products and services
offered by, the agency, a business partner, or the entity with which
it contracts for the system, using personally identifiable
information limited to the subscriber's name, address, and electronic
mail address, provided that the transportation agency has received
the subscriber's express written consent to receive the
communications.
(k) A transportation agency may not use a nonsubscriber's
personally identifiable information obtained using an electronic toll
collection or electronic transit fare collection system to market
products or services to that nonsubscriber. This subdivision shall
not apply to toll-related products or services contained in a notice
of toll evasion issued pursuant to Section 23302 of the Vehicle Code.
(l) For purposes of this section, "transportation agency" means
the Department of Transportation, the Bay Area Toll Authority, any
entity operating a toll bridge, toll lane, or toll highway within the
state, any entity administering an electronic transit fare
collection system and any transit operator participating in that
system, or any entity under contract with any of the above entities.
(m) For purposes of this section, "electronic toll collection
system" is a system where a transponder, camera-based vehicle
identification system, or other electronic medium is used to deduct
payment of a toll from a subscriber's account or to establish an
obligation to pay a toll, and "electronic transit fare collection
system" means a system for issuing an electronic transit pass that
enables a transit passenger subscriber to use the transit systems of
one or more participating transit operators without having to pay
individual fares, where fares are instead deducted from the
subscriber's account as loaded onto the electronic transit pass.
(n) For purposes of this section, "person" means any person who
subscribes to an electronic toll collection or electronic transit
fare collection system or any person who uses a toll bridge, toll
lane, or toll road that employs an electronic toll collection system.
(o) For purposes of this section, "personally identifiable
information" means any information that identifies or describes a
person including, but not limited to, travel pattern data, address,
telephone number, email address, license plate number, photograph,
bank account information, or credit card number. For purposes of this
section, with respect to electronic transit fare collection systems,
"personally identifiable information" does not include photographic
or video footage.
(p) For purposes of this section, "interoperability" means the
sharing of data, including personally identifiable information,
across multiple transportation agencies for the sole purpose of
creating an integrated transit fare payment system, integrated toll
payment system, or both.
(q) (1) In addition to any other remedies provided by law, a
person whose personally identifiable information has been knowingly
sold or otherwise provided in violation of this section may bring an
action to recover either actual damages or two thousand five hundred
dollars ($2,500) for each individual violation, whichever is greater,
and may also recover reasonable costs and attorney's fees.
(2) A person whose personally identifiable information has been
knowingly sold or otherwise provided three or more times in violation
of this section may bring an action to recover either actual damages
or four thousand dollars ($4,000) for each individual violation,
whichever is greater, and may also recover reasonable costs and
attorney's fees.
(r) Nothing in subdivisions (c) and (d) shall preclude compliance
with a court order or settlement agreement that has been approved on
or before April 25, 2010.
(s) A transportation agency that employs an electronic toll
collection or electronic transit fare collection system may impose an
administrative fee on persons who use those systems in an amount
sufficient to cover the cost of implementing this section.