Tuesday, July 03, 2007
Plastic Card Security Act
Minnesota Plastic Card Security Act advances
News Release - April 11, 2007 - The Senate Committee on Commerce and Consumer Protection recommend the passage of legislation aimed at protecting consumers from credit card fraud on Tuesday. The Committee referred the bill, Senate File 1574, to the Senate's Judiciary Committee.
The legislation, authored by Sen. Mary Olson, DFL - Bemidji, prohibits companies or retailers from keeping the secure information stored on a credit- or debit-card's magnetic strip in their computer databases after a transaction is completed. The magnetic strips on payment cards contain sensitive information such as the customer's name, account number, PIN, card expiration date, and security code data.
"Credit card fraud can be devastating to consumers," said Sen. Olson. "It often takes months or years to completely resolve fraudulent charges, and to reestablish one's credit. Companies and merchants should not be allowed keep this information where it can fall into the wrong hands."
Currently, payment card industry standards prohibit companies from retaining magnetic strip information. Sen. Olson's bill would put these industry standards into Minnesota law, allowing the state to impose penalties on companies that are not securely purging their customers' private information from their computer systems.
Sen. Olson cited the recent security breach at TJX, the parent company of T.J. Maxx, Marshall's, and several other retailers, as one of the primary reasons for bringing this bill forward. Investigators estimate that hackers gained access to private information from an estimated 45 million credit- and debit-cards in the breach, which TJX had stored in their computer system. Florida investigators have charged six people in connection with the breach, claiming they used this stolen credit card information to make over $8 million in fraudulent purchases.
"The TJX scandal confirms the need for this legislation," said Sen. Olson. "Consumers trust companies to protect their financial information. The state should take an active role in ensuring that companies take that trust seriously."
Sen. Olson's legislation also specifies that a company or retailer violating this provision is responsible for both notifying their customers and covering the expenses of potential fraud if their customer's information is compromised. Currently, the responsibility for notification and fraud repayment typically falls on the financial institution backing the credit card. This responsibility will only be shifted to retailers if they are found to have improperly stored credit card information.
The Commerce Committee took lengthy testimony on the bill, hearing from both banking and credit union representatives who issue cards and from witnesses representing the retail industry. After retailer representatives expressed concern about some provisions of the bill, Sen. Olson asked the Committee for an opportunity to resolve the differences between the two groups. After negotiating for several hours, Sen. Olson re-presented the bill late Tuesday night and offered an amendment that addressed practical difficulties the retailers raised with implementing the proposed legislation.
"I'm pleased we were able to find common ground on this issue," said Sen. Olson. "This bill offers protection to consumers, while not placing unnecessary or undue hardships on businesses."
Rep. Jim Davnie, DFL - Minneapolis, is carrying companion legislation in the House of Representatives. The bill, House File 1758, has passed through several committees, and is awaiting a vote on the House floor.
For more information, please contact Sen. Olson's office at (651) 296-4913, or sen.mary.olson@senate.mn.
-3-0-
State Senator Mary A. Olson
District 04
124 Capitol
75 Rev. Dr. Martin Luther King Jr. Blvd.
St. Paul, MN 55155-1606
Telephone (651) 296-4913
sen.mary.olson@senate.mn
