Secure Payments, PCI DSS, Regulatory Compliance Blog

Concerned consumers push for credit card data security law in California

October 13th, 2007 by admin Posted in Government, Legislation

The backlash started slowly with a law in Minnesota and Texas (almost and maybe still) and continues with the presumed passage of California AB 779. This legislation would address data security breach notification, require card replacement, and mandate storage of only necessary data.

This may put the minds of consumers in California at ease, but cardholder data security has been in the works for many years now, and 2007 is the tipping point for merchant compliance. Statistics to be released shortly will show that in the USA, significantly more merchants are compliant than non-compliant with the PCI DSS.

I’m glad to see consumers voting their concern, but these laws only push the compliance ball faster as it crests the mountain and begins to look down on those merchants who still have not validated that they are securely storing consumer data.

Update: the bill was vetoed on October 13, 2007 by Governor Schwarzenegger. He said two things that would make the card brands happy:

  • “attempts to legislate in an area where the marketplace has already assigned responsibilities and liabilities that provide for the protection of consumers. In addition, the Payment Card Industry has already established minimum data security standards when storing, processing, or transmitting credit or debit cardholder information.”
  • “This industry has the contractual ability to mandate the use of these standards, and is in a superior position to ensure that these standards keep up with changes in technology and the marketplace,” he said. “This measure creates the potential for California law to be in conflict with private sector data security standards.”