This Law Firm Publication by Fisher & Phillips LLP discusses AB 2525, recently signed into law by Governor Jerry Brown. AB 2525 amends California's data breach notification law to require persons and businesses (including non-profits) that own or license computerized data to disclose when "encrypted" information has been acquired in an unauthorized breach. The notification obligation will be triggered where encrypted data is leaked together with the encryption key or security credential that could render it readable or usable. The law becomes effective January 1, 2017.