California Governor Kills Data Protection Bill

California Gov. Arnold Schwarzenegger vetoed on Saturday a bill that would have put in place strict laws governing data privacy, arguing that the costs to comply with the law would have put unnecessary strain on small businesses.

Supporters of the legislation said its intent was to ensure consumer data was adequately protected from potential security breaches. It would have been more strict than current polices put in place by the payment and credit card industries.

Merchants would have been banned from collecting sensitive consumer data unless they had a data retention policy. And even then they would be severely limited on what information they could collect, and how long they could retain it.

In vetoing the bill, Schwarzenegger said that the market was already working to keep data safe on its own, and such legislation was unnecessary. However, at the same time, he seemed open to considering a reworked bill.

"I encourage the author and the industry to work together on a more balanced legislative approach," Schwarzenegger wrote in the veto message. He also argued that the measure could put private sector standards and the state's law in conflict.

The law passed the state senate 30-6 with 4 abstentions, and the assembly by a 73-0 vote. Like the US Constitution, California's allows for the legislature to override the Governor's veto with a two-thirds majority from each house.

As of Monday, it was still unclear whether the bill's supporters planned to go forward with attempting a veto override.

Other states have tried similar measures, but small business lobbyists have so far been successful in lobbying support against any new laws.