Monday, October 6, 2008

The Terminator Blows Away Data Breach Bill

Now, I admit the title of this post is from "InternetNews", not me, but putting it's cheesiness aside, the Governor's veto of AB 1656 (Jones) was another disappointment for privacy advocates. The bill would have required businesses and state agencies to better safeguard personal financial information they possess. A retailer responsible for a security lapse would need to notify customers.

Before I get to the article, I should also point out the Governor also vetoed SB 364 (Simitian) - another privacy protection bill - which would have required businesses and state agencies, in the event of a security breach of computer data bases containing personal information, to provide specified notification of these breaches to consumers in plain English as well as to notify the proper government authority of the breach.

As for AB 1656, we (CFC) supported the bill because California lacks any centralized reporting process for security breaches. It is therefore difficult for state policy makers to assess or improve upon our state security breach laws. The state may be missing important criminal activity patterns or consumer practices, the analysis of which could help establish better protections for Californians. This bill would have addressed this need by making the Office of Privacy Protection a repository for security breach notifications.

AB 1656 was a vehicle for establishing more comprehensive improvements that are sorely needed for California’s existing security breach notification laws...unfortunately, we'll have to just keep trying.

Now to the article regarding the veto of AB 1656:

Supporters of AB 1656, however, claim that such statutes are necessary to protect financial institutions from fraud and rising card replacement costs stemming from retail data breaches.

"When the fraud happens, the retailer doesn't have to pay the cost, and the system is loaded in such a way that it's a disincentive for retailers to protect consumer data," Bob Arnould, senior vice president for government affairs at the
California and Nevada Credit Union League, told InternetNews.com. The league sponsored the bill, which was tabled by Assemblyman Dave Jones (D-Sacramento).

...

Arnould accused the governor of being too close his backers. "There's a saying in politics that 'you dance with the one who brung ya,' and we're up against retailers and the Chamber of Commerce, and they have a very close relationship with the governor," he said.

Click here to read more (short article).

No comments: