(TRENTON) – Legislation Assembly Speaker Vincent Prieto and Assembly members Joseph Lagana, Pamela Lampitt, Benjie E. Wimberly and Annette Quijano sponsored to protect consumers who make purchases using credit and debit cards was approved Thursday by an Assembly panel.
The bill (A-1970) would prohibit a retail sales establishment from storing certain magnetic- stripe data obtained from a credit card, debit card or access device after the establishment has received a response to its authorization request.
“In recent years, millions of people here in New Jersey and across the nation have been vulnerable to data security breaches that made it possible for criminals to steal their personal information,” said Prieto (D-Bergen/Hudson). “This legislation acknowledges that when a store holds onto the information on a magnetic stripe after a transaction is approved, it does nothing more than put consumers at risk unnecessarily.”
“Anyone who’s had to deal with credit card fraud knows it can be an utter nightmare,” said Lagana (D-Bergen/Passaic). “With this bill, we work to achieve the dual objective of standing by shoppers and holding stores accountable.”
“With occurrences of fraud on the rise, it is critical that we take action on behalf of our state’s consumers,” said Lampitt (D-Camden, Burlington). “Consumers in New Jersey should be able to shop with confidence, knowing that establishments in our state have taken all the necessary precautions to protect their customers’ information.”
“We have seen an alarming rise in identity fraud and security breaches involving the retail industry in recent years,” said Wimberly (D-Bergen, Passaic). “This bill provides necessary reassurance for New Jersey consumers that retail stores will protect their information and, in the event of a security breach, the store will take the proper precautions to right the wrong.”
“Consumer credit and personal information are gold mines to hackers and identity predators,” said Quijano (D-Union). “By setting parameters for retailers on what can and cannot be saved, we protect NJ consumers’ information and hold retailers accountable for the information stolen during a security breach.”
The legislation also would make businesses and public entities that are required to provide notice to customers in the event of a breach of security liable to the respective banks, credit unions or other financial institutions for costs the institutions incur to protect customer information. Such costs may include: the cancellation or re-issuance of a credit card, debit card or access drive; the closure of any deposit, transaction, share draft or other account; the opening or re-opening of an account; and any refund or credit made to a customer as a result of the security breach.
The bill also adds a definition of “financial institution” to the “Identity Theft Prevention Act.” It is defined as a bank, savings bank, savings and loan association, mutual savings bank, or credit union organized, chartered, or holding a license authorization certificate under the law of this State or any other state, in the United States, or of any other country, or the parent or subsidiary of a financial institution.
The measure was released by the Assembly Financial Institutions and Insurance Committee in a morning meeting. The bill now returns to the Assembly Speaker for further consideration.