Schwarzenegger Says 'Hasta la Vista' to State Bill on Data Breach Costs

By Jaikumar Vijayan

October 22, 2007 12:00 PM ET

Comments

(0)

Computerworld - In a decision that likely was a big relief to retailers nationwide, California Gov. Arnold Schwarzenegger vetoed a bill that would have made merchants in his state liable for the costs incurred by financial institutions as a result of retail data breaches.

In a statement explaining his Oct. 13 veto, Schwarzenegger said that the measure attempts to legislate in an area where the marketplace has already assigned responsibilities and liabilities that provide for the protection of consumers.

Approving the bill might have put California law in conflict with private-sector data security standards, Schwarzenegger added.

Arnold Schwarzenegger

AB 779 would have required retailers affected by breaches to reimburse banks and credit unions for the costs of alerting customers and reissuing credit and debit cards. It would also have prohibited merchants from storing some information and required them to use so-called strong authentication technologies to protect cardholder data.

The California Credit Union League, the bills chief proponent, expressed disappointment at the veto but vowed to try to get the measure passed in the states next legislative session.

The California bills demise means that Minnesota remains the only state to have passed a data breach cost-reimbursement law.

Retail industry groups have complained that such measures would unfairly penalize merchants that already pay for fraud-related costs via the so-called interchange fees that credit card companies assess on each transaction.

Read more about security in Computerworld's Security Knowledge Center.

Comment Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

California

Additional Resources

Microsoft

DirectAccess and UAG: Better Together

Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.

Microsoft

Case Study: Energy Firm Tightens Protection, Simplifies IT Work

Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

0 comments | Add new

See all comments (0) | Add new

White Papers & Webcasts

Death to PST Files
Download Now

Four Ways to Improve Your TSM Environment with a SEPATON VTL
Watch Now

The Tangled Web: Silent Threats & Invisible Enemies
Download Now

Tape Killed the IT Guy
Watch Now

Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now

BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!

What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now

Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".

eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...

All White Papers | All Webcasts