2008-04-28T14:55:44-07:00 Practical Ecommerce info@practicalecommerce.com http://www.practicalecommerce.com/ Copyright 2007 Confluence Publishing DBA Practical Ecommerce http://www.practicalecommerce.com/articles/717/Merchants-Liable-For-Data-Breaches/#comment9587 2008-04-28T14:55:44-07:00

Penny, the Federal Trade Commission spells out that merchants who outsource their data (whether for protection or disposal) must have a contract with the outside agency. The contract must spell out that the outsourced provider must follow all of the same privacy and security rules. This doesn't protect you from liability Penny. However, it does give you someone to sue to recover damages if the data is breached.

http://www.practicalecommerce.com/articles/717/Merchants-Liable-For-Data-Breaches/#comment9322 2008-04-22T07:36:33-07:00

If I outsource my payment services or information collection to an entity such as Paypal, who ensures protection, am I liable for a breach of their system which results in the exchange of information about my customers??? Hm...