SAN FRANCISCO — Retailers are asking California Gov. Arnold Schwarzenegger to veto a bill that might make them liable for costs caused by breaches in electronic security.
The bill would hold merchants or others accepting credit card payments, such as government agencies and nonprofit groups, responsible for reimbursing banks for the cost of issuing new cards and notifying consumers of suspected breaches. However, merchants would be absolved of liability if they prove they followed security standards outlined in the law.
Opponents of the measure, which passed both houses of the state legislature, argue it could result in merchants paying millions of dollars to compensate banks to reissue credit cards, as well as to consumers who retailers fear could sue for damages caused by misuse of stolen financial or personal information. Retailers, banks and credit card companies have battled before over responsibility for security lapses.
Consumer advocates argue the more definitive law would ensure vigilance against computer hackers.
"All too often retailers and other business make it easy for crooks to get their hands on our sensitive personal information,'' the Consumer Federation of America wrote in a letter to Schwarzenegger, urging him to sign the bill.
Meanwhile, the National Retail Federation this week urged credit card companies to allow merchants to destroy credit card numbers sooner than the 18 months they are currently required to keep them. Such a move would cut down on the amount of information that could be pilfered by computer thieves, the NRF said.
The California bill updates a state data-protection law that requires merchants, nonprofits and state agencies to take "reasonable steps" to protect personal information such as credit card numbers, birthdays, Social Security numbers and addresses. While the existing law also requires these entities to tell consumers about suspected data breaches, they don't have to say from where, when it occurred and what information might have been taken unless a customer asks in writing.
Under the new legislation, notice of suspected security breaches would have to include such specifics. In addition, the measure spells out security steps required to protect credit card information, such as not storing the full contents of a "data track" from a credit card purchase even if encrypted. All personal data from a transaction would also have to be deleted within 90 days of a purchase.California retailers oppose the required three-month purge of consumer data related to credit card purchases. Such information, like addresses and card numbers, is often used to track returns and maintain customer loyalty discount programs, as well as shipping addresses that are used to verify credit cards on e-commerce sites.
"This bill unduly limits the use of credit card information," the California Retailers Association and 40 other business groups and telecommunications companies said in a letter to Schwarzenegger, urging him to veto it. "It also creates a new potential for litigation against those entities and imposes additional financial liabilities."
The governor has until Oct. 14 to act on the legislation. A spokeswoman said Schwarzenegger hasn't taken a public position. A two-thirds majority of the senate and assembly would be required to override a veto. California would be the second state to enact such a bill. Minnesota took action in August. Texas, Connecticut, Massachusetts and Illinois are considering similar bills. Legislation in Congress that would create a national standard has been under consideration in committee.
Three years ago California was the first state to enact a data security standard to counter computer hacking. Credit unions led the push because they don't want to be saddled with issuing new credit cards at a cost of $5 to $15 each. "If you get two or three of these security notices a year you're starting to lose confidence in your bank,'' said Ron Fong, chief lobbyist for the California Credit Union League.
EXCLUSIVE: @tomford is opening its first-ever beauty store. The boutique, which opens November 20 in London’s Covent Gardens, was designed with the over the top glam Ford is known for. Read the full story on WWD.com, link in bio. #wwdbeauty #wwdnews (📷: Simon Wagner) #TomFordBeauty
New York-based DJ @harleyvnewton threw a party to celebrate the holiday collection of her dress and pajama line @hvn at the Ladurée Beverly Hills. It Girls @katebosworth, @rashidajones and more joined in on the fun, which included cocktails, croque monsieur sandwiches and a photo booth. #wwdfashion (📷: Owen Kolasinski/BFA.com)
For the holidays, @Burberry partnered with 20-year-old artist @blondeymccoy on a series of three outdoor murals in downtown Manhattan. The murals are McCoy’s interpretation of a Christmas eve party, the idea of charity and the spirit of family. His third mural, pictured here, is the most personal. The image depicts McCoy’s grandparents and father in London’s Trafalgar Square in the Seventies. “My work often features lots of sentimental objects.” #wwdeye
For spring 2018, designers applied bold colors and cartoonish motifs on everything from sneakers and belts to key chains. See all the top men’s accessories trends on WWD.com. #wwdtrends (📷: George Chinsee; Prop Styling by @rnasti; Market Editor: @luiscampuzano)
The @dior-sponsored @guggenheim international gala pre-party has a history of drawing cool-girl musical acts to serenade the crowd –– and last night was no exception. @haimtheband performed songs both new and old, and lured a star-studded audience with the likes of Rebecca Hall, Kate Mara, Mamoudou Athie and more. #wwdeye (📷: @lexieblacklock)
In a partnership between the @metopera and the @englishnationalopera, “Marnie” was born. The opera, with costumes sponsored by @mrporterlive, is an adaptation of the 1961 thriller by Winston Graham. Arianne Phillips, who created the costumes, is no rookie: She’s styled Madonna for her tours and created costumes for a myriad of films in the past. Read WWD’s interview with Phillips, where she talks about her inspiration for the opera’s costumes on WWD.com #wwdfashion
@barneysnyc took a different approach to their holiday windows this year. Instead of Christmas decor, Barneys tapped @thehaasbrothers to tell a story of positivity, gratitude and inclusivity via heartwarming silliness and humor. “It’s about kids and it’s about coming together and being family and loving each other,” said Simon Haas. #wwdfashion (📷: @joshuascottphoto)
Beauty influencer @kandeejohnson makes her foray into hair care with a collaboration with @ogx_beauty — making it the first time that OGX has teamed up for a product creation. The collab includes shampoos and conditioners in three scents. At 39 and a mom, Johnson is a different profile than the emerging social media stars, but is considered one of the pioneers of the digital beauty influencer world. Read WWD’s interview with her on wwd.com, including the strangest beauty product she’s ever tried #wwdbeauty