Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

'I'll be back': Vetoed data breach bill goes to Schwarzenegger again

Supporters optimistic that California governor won't say hasta la vista to amended bill

September 3, 2008 12:00 PM ET

Active Comments
Anonymous says: The true people footing the bill for this are the financial institutions. The consumer is 100% protected by the financial...
Anonymous says: Don't be surprised if retailers stop accepting credit cards, especially small ones....


Computerworld - An amended version of a closely watched data breach bill that was vetoed by California Gov. Arnold Schwarzenegger last October is once again headed to his desk for approval.

The bill — known as the Consumer Data Protection Act, or AB 1656 (download PDF) — basically would require retailers that accept payment card transactions to take specific precautions for protecting cardholder data and disclose more details about data breaches to consumers affected by them. But an earlier provision that would have required retailers to reimburse financial institutions for the costs involved in replacing credit and debit cards compromised in breaches has been dropped.

The amended bill was approved by the California State Assembly by a 74-1 margin on Saturday, after passing muster in the state Senate by a 34-3 margin last Wednesday.

The California Credit Union League (CCUL), a trade association that is a key sponsor of the bill, welcomed its passage by the legislature. In a statement, Bill Cheney, the CCUL's president and CEO, expressed his hope that Schwarzenegger would "acknowledge the solid vote of approval" from California's lawmakers and quickly sign the measure. Cheney added that AB 1656 would help strengthen consumer confidence in payment card security while enforcing increased transparency at retailers that are hit by breaches.

Melissa Ameluxen, a lobbyist for the Rancho Cucamonga-based CCUL, said in an interview today that the removal of the clause requiring retailers to foot the bill for card replacements should go a long way toward countering opposition to the bill. "The governor's office gave us an indication that removing that part of the bill would help us move closer" to getting it signed into law, she said.

In addition to that change, two smaller modifications have been made to the original bill that Schwarzenegger vetoed. One allows retailers to retain certain kinds of data needed to process recurring payments. The other removes a previous requirement that retailers specify the exact date on which a breach was thought to have occurred. Instead, the bill now mandates that they provide only a range of dates during which a breach might have taken place, Ameluxen said.

Analysts and the retail community have been closely following the progress of the bill, which is one of the first of its kind in the country and would put some strict new requirements on businesses. For instance, AB 1656 would prohibit retailers and other organizations that handle payment card transactions from storing certain types of cardholder data even if the information is encrypted. Prohibited data types include the full contents of the magnetic stripes on the back of cards, as well as PINs and both card and payment verification codes.



Jump to comments

Schwarzenegger

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...