One for Ken Belva

I mentioned Ken Belva's thoughts in Thoughts on Virtual Trust last year. If you don't know Ken's thoughts on "virtual trust" please read that post before continuing further. I refrained from pointing a finger at Ken's Apple DRM example after Steve Jobs posted his Thoughts on Music, where DRM won't apply to Apple music (thereby depriving Ken of one of his case studies and questioning his logic).

Now I'd really like an answer to this article: Retailers Fuming Over Card Data Security Rules; Claim PCI standard shifts burden to them, could alienate customers. Here are a few excerpts:

Several retailers last week bristled at having to comply with the Payment Card Industry (PCI) Data Security Standard, complaining that they carry an unfair burden in securing credit card data.

In interviews and speeches at the annual ERIexchange conference here, retail executives also complained that implementing the PCI standard is costly and could alienate customers...

Robert Fort, director of IT at Virgin Entertainment Group Inc. in Los Angeles... contended that meeting the requirements doesn’t boost a retailer’s bottom line. “There’s no direct return on investment,” he said. “It will not help us sell CDs.” (emphasis added)

Ken -- what do you think about that? I would respond to the vendor by saying customers who can't trust vendors won't give the vendor their business. I might also use an argument that says vendors could be held liable for negligence. Those are two thoughts.