SACRAMENTO, Calif. (10/7/08)--California Gov. Arnold Schwarzenegger vetoed legislation last week--for the second time in the past year--that would have required retailers and other businesses in the state to implement measures to protect credit and debit card data. Assembly Bill 1656--the Consumer Data Protection Act--also would have required retailers to disclose more details about data breaches to consumers impacted by them. The California State Senate and Assembly passed AB 1656 by a substantial margin last month (Computerworld Oct. 6). “The veto of the bill is obviously disappointing to the California and Nevada Credit Union Leagues,” Melissa Ameluxen, legislative and regulatory lobbyist for the leagues, told News Now. “We’re not going to stop fighting for this measure until we are confident that California retailers are ensuring that Californians’ personal financial data is safe and secure every time they use a debit or credit card.” The issue has been a popular one. Therefore, some legislator is “very likely” to take up the issue again next year, Amulexen said. The California league had pledged to renew its efforts to pass a data protection bill in the wake of Schwarzenegger's [first] veto in October 2007 of a league-backed bill to protect consumers from the effects of data breaches (News Now Oct. 16, 2007) Last year, Schwarzenegger vetoed AB 779, authored by Assemblyman Dave Jones (D-9), after intense opposition from retailers and bankers. This year’s bill would have required retailers to adopt security standards based on industry best practices when storing consumers' credit and debit card information, and give consumers better information about when and where their personal financial information is stolen during a data breach. In 2006, the nation's largest data breach of data from TJX Cos. resulted in the theft of 46.5 million consumers' credit or debit card information (News Now Sept. 4). While credit unions and other financial institutions worked to replace the breached cards, they were not able to inform consumers where the breach occurred.