What It Means for Retailers
It seems a new retail-based data breach hits national news on a monthly basis, so it’s no surprise legislators are considering modifications to data breach law. One law currently on the table would make retailers responsible for customer damages incurred during a data breach.
Growing Data Breaches
The preponderance of data collected by all types of businesses, along with increasingly networked environments, makes data breaches more likely and more dangerous. In less than a year, personal information for millions of consumers was put at risk during breaches that occurred at retailers such as Target and Neiman Marcus. Most recently, a data breach in Michaels craft store security may have exposed records for up to 2.5 million customers.
Data Breach Law to Address Risks
THe proposed data breach law is designed to combat the potential risk of identity theft for consumers. Most individuals involved in a data breach deal only with the frustration of replacing credit cards and watching accounts closely. Individuals who have their information stolen may deal with long-term credit issues; extreme cases result in bankruptcy or home foreclosure.
Holding Retailers Accountable
AB 1710, a proposed federal bill that would modify the data breach law, would move the financial onus of a data breach from banks and credit card companies to retailers. Retailers experiencing a breach would be legally responsible for notifications to consumers. The retailer could also be held accountable for consumer financial damages related to the incident. Estimates are that retailers already lose $150 to $250 for every account impacted in a data breach. AB 1710 could exponentially increase those costs, which means retailers may be better off investing in stronger security measures when possible.
What do you think of this proposed data breach law?