Despite the indications that the Consumer Data Protection Act [PDF] would be passed by California’s Governor Arnold Schwarzenegger, it has been vetoed for the second time. Read the veto here [PDF].

The Consumer Data Protection Act would have required retailers and businesses in California to take more strict steps to protect credit and debit card data, and to disclose more details about data breaches to those affected. The State Assembly and Senate both approved the bill for the second time in 12 months, after modifications had brought it back to a vote.

Governor Schwarzenegger says that he has rejected the bill for the same reasons as before, the belief that legislature should not interfere with business, and that the bill attempts:

“to legislate in an area where the marketplace has already assigned responsibilities and liabilities that provide for the protection of consumers,” he wrote.”

Schwarzenegger believes the payment card industry (PCI) is in a better position to set standards in technology and the marketplace, and believes legislation would create a conflict with private sector standards.

According to Visa, only 45% of large retailers are compliant with current PCI standards, so I would think that the private sector needs some assistance with enforcement.

What’s your opinion on legislation like this? Good or bad?

Thanks to Charles for the tip! Via computerworld, IT business, Washington Post Image: gov.ca.gov

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati