According to DMNEws "Minnesota has become the first state in the country to enact into law one of the key components of the credit card industry’s data-security standards, the payment card industry (PCI)standards." Now any company conducting business in Minnesota is now also legally bound by the laws of the state not to keep credit card's security data after a transaction has been approved. And if a business is caught doing so, they have to refund the costs to the bank for reissuing the card and such. We here at Forrester expect that governments will continue to make PCI requirements law, and that this trend will become increasingly popular as it gives the PCI standards a bit more teeth. Storing inappropriate security information is getting more costly.