Proposed law seeks to make retailers financially responsible for data breaches

A new law has been introduced in California that aims to make retailers that suffer security breaches responsible for the resulting financial damage. With the recent large breaches, specifically at Target and Neiman Marcus, banks and credit card companies have been stuck with the bills. This is not fair to them, as it was not their fault or their security that was in question and breached. The responsibility for security should be placed upon the retailer or company in question, and that is exactly what this bill is trying to put into effect. It seems easy to encrypt information, and it seems that it should always be encrypted or protected, but doing so takes time and is not as simple as it seems. The only problem with the bill right now is that it leaves the government out entirely and focuses only on private businesses and retailers. Although the passing of this bill is up in the air, it has sparked other such bills or ideas that could possibly be introduced in the future.



8 thoughts on “Proposed law seeks to make retailers financially responsible for data breaches”

  1. I think that’s fair. If a retailer gets a security breach and information gets stolen from them that they were hired to protect, then they should be responsible for the damages. Although in Target’s case, Target should pay some sort of fine considering that they weren’t supposed to keep the information in the first place.

  2. I agree completely; companies would better protect the info if it actually affected them more.

  3. The fault lies with the individual companies, so as of now I do not feel there is a reason for this bill not to pass.

  4. I think the companies should be held responsible, but contractors should also hold the same liability.

  5. I agree that it should pass. If person a is trusting person b (or company), person a should be held responsible if something happens.

  6. I think this law should pass because we need someone to take liability when breaches like this happen. It takes so long to figure out who is responsible for what; it makes sense to just have an easily enforceable party that’s responsible for user data. I think this would make companies more careful.

