The Corporate Securities Law of 1968 defines a "security" essentially by providing a list. Cal. Corp. Code § 25019. The statutory list is similar, but not precisely the same as, the definitional lists of securities found in the Securities Act of 1933 and the Securities Exchange Act of 1934. Nonetheless, it is clear that some items included on these lists might not be securities while others not included on the list are securities. For example, the U.S. Supreme Court has concluded that merely because something is called a "stock" does not necessarily make it a security. United Housing Foundation, Inc. v. Forman, 421 US 837, 95 S. Ct. 2051, 44 L. Ed. 2d 621 (1975).
In a recent law review article, long-time white collar crime prosecutor Georg Behrens undertakes to explain how California courts decide what is and what isn't a "security". "What is a Security? The California Synthesis on the 50th Anniversary of the Corporate Securities Act of 1968", 46 & 47 Lincoln L. Rev. 23 (2019/2020). He identifies two main definitional approaches followed by the courts: conceptual and discretionary. He describes the conceptual approach as "working out and adopting a conceptual definition of the term 'security' that is coextensive with the area of regulation intended by the legislature, and then in determining whether a particular transaction or arrangement falls under that conceptual definition". In contrast, the discretionary approach involves "determining on a case-by-case or an ad hoc basis whether a particular transaction or arrangement falls within the regulatory purpose of the Corporate Securities Law". Behrens favors the conceptual approach and makes the case that it is the predominant approach in California case law.
"What, me worry?"
The word "security" is derived from the Latin word, securus, which means free from care. Securus is itself a portmanteau formed by the Latin words sine, meaning without, and cura, meaning care.