New bill forces California retailers to protect consumer data

Posted by Caitlin on September 3rd, 2008

California state lawmakers approved a bill on Sunday that will prohibit most companies from retaining customers' credit or debit card numbers, verification codes or personal identification numbers. Companies that accept recurring payments will be allowed to keep this information, but they will be required to follow specific guidelines established by the credit card industry in order to protect this customer data. These guidelines include strengthening electronic firewalls, encrypting personal information and limiting access only to those employees whose jobs require them to see payment related data.

This bill is similar to one that was vetoed by Gov. Schwarzenegger last year, partially because of a stipulation requiring retailers to reimburse customers for the cost of replacing credit and debit cards. The new bill does not make this requirement of retailers. Instead, it only requires retailers to inform customers of data breaches. This bill is still opposed by many retailers.

Stronger laws requiring companies to protect customer information are encouraging, but if you are concerned about identity theft you should also consider an identity theft protection service. To read more about identity theft protection services, see our reviews and comparison.