I don't think anyone would argue against the need for standards regarding payment methods, and the PCI Data Security Standards (DSS) introduced over the last few years are well intentioned. In essence they say that in order to handle sensitive customer data a strict set of security criteria must be met. The introduction of these standards has taken that sensitive information out of the hands of some parties who may not have taken keeping it a secret as seriously as you do, and this is a good thing.