WASHINGTON–The House Financial Services Committee (HSFC) has passed a draft data security bill.
This draft was introduced just two days after Kim Sponem, CEO at Wisconsin’s Summit Credit Union, testified on behalf of CUNA on the need for legislation that would hold merchants more accountable
“We thank Chairman Luetkemeyer, Ranking Member Clay and Members of the Subcommittee for their efforts to help advance data breach legislation,” said CUNA President/CEO Jim Nussle in a statement. “It is critical that we enhance security to reduce the impact that merchant data breaches have on credit unions, other financial institutions and consumers. We are pleased to see the committee is aligned on creating a strong national data security standard.”
During last week’s hearing, Rep. Andy Barr (R-KY) stated, “So many credit unions and community banks in my district have told me that, of all the regulatory pressures they face, all the compliance costs, this is one of the top priorities in terms of costs.”
The draft bill contains the following principles, all of which CUNA said it backs:
- A flexible, scalable data protection standard
- A notification regime requiring timely notice to impacted consumers, law enforcement and applicable regulators
- Enforcement of the new national standard by the Federal Trade Commission and state attorneys general
- Does not exclude a private right of action
- Clear preemption of the existing patchwork of often conflicting and contradictory state laws
NAFCU and CUNA weighed in on the legislation.
"Ensuring consumers' personal financial information is protected is one of NAFCU's and the credit union industry's priorities," said NAFCU President and CEO Dan Berger. "When data breaches occur, Americans' sense of security is shattered and the burden of making affected individuals whole again usually falls on their financial institution, rather than the breached entity. NAFCU and our members sincerely appreciate the work Reps. Luetkemeyer and Maloney are putting in to create a national data security standard that holds retailers and others accountable, and ensures consumers and credit unions are notified of a breach in a timely manner."
“We thank Chairman Luetkemeyer, Ranking Member Clay and Members of the Subcommittee for their efforts to help advance data breach legislation,” said CUNA President/CEO Jim Nussle. “It is critical that we enhance security to reduce the impact that merchant data breaches have on credit unions, other financial institutions and consumers. We are pleased to see the committee is aligned on creating a strong national data security standard.”
Meanwhile, John McKechnie, senior partner at the Washington, D.C.-based public policy and advocacy firm Total Spectrum, added, "his draft covers a lot of bases, all of them good. It addresses the need to broaden the responsibility for better protection of data and consumers, without added burdens. And it writes common-sense prescriptions that responsible retailers should want to follow.”