California may join Minnesota and, possibly, New Jersey as one of the very first states to enact a law holding merchants responsible for the cost of notifying consumers in the event a security breach results in a compromise of personal information. On June 26, the California Senate Judiciary Committee passed A.B. 779 by a 3-2 vote.
A.B. 779 was proposed in response to the wide ranging security breaches at the TJX Companies Inc., which affected more than 46 million credit and debit card holders. The proposed law would allow businesses required to notify individuals of data breaches to seek reimbursement from the third party responsible for the breach of all "reasonable and actual costs," including the cost of providing notice, and replacing their credit or debit cards. The law is receiving strong opposition from a coalition of 30 groups and businesses representing retailers, financial institutions, information technology companies, marketers, and others.
In May of this year, Minnesota became the first and currently only state to have enacted a similar merchant breach liability law. New Jersey is currently considering a similar data breach liability bill.
Post a comment
WEBCAST
Gartner Video: Best Practices for Web Application Security and Compliance
Faced with the growing threat of hacker attacks, how do you protect your data and your corporate reputation while increasing revenue?
WHITE PAPER
Email Continuity: Don't Know What You've Got Till it's Gone
Today, more email is being sent and attachment sizes are becoming larger. This means that security, archiving, and continuity systems must be able to scale easily. Learn to manage your email better…
