Computerworld - For the second time in 12 months, California Gov. Arnold Schwarzenegger last week vetoed legislation that would have required retailers and other businesses operating in the state to take a series of steps to protect credit and debit card data.
The Consumer Data Protection Act, or AB 1656, would also have required retailers to disclose more details about data breaches to the people affected by them. The California State Assembly and Senate overwhelmingly approved the measure last month.
But in a veto message to state legislators, Schwarzenegger said he wouldn't sign the bill for the same reasons he rejected the original version last October. Both bills attempted "to legislate in an area where the marketplace has already assigned responsibilities and liabilities that provide for the protection of consumers," he wrote.
Banks and credit unions around the country have been lobbying for legislation like AB 1656 in the wake of the highly publicized data breaches at retailers such as The TJX Companies Inc. and Hannaford Bros. Co. Financial institutions contend that retailers should do more to protect cardholder data and should cover card replacement costs if their systems are breached.
The progress of AB 1656 has been watched particularly closely because of its provisions and because California has traditionally been a trendsetter on data protection issues.
Bob Arnould, senior vice president of government affairs at the California Credit Union League, said in a statement that Schwarzenegger's veto "guarantees that millions of additional Californians will have their privacy invaded."
But Gartner Inc. analyst Avivah Litan welcomed the veto. She said that instead of mandating specific security controls for retailers, state governments "should focus on protecting consumer rights through proper disclosure rules that ensure transparency in the system."
This version of the story originally appeared in Computerworld's print edition.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
