GAINESVILLE, Fla. (9/25/14)--Merchants are not held to the same stringent data security standards as those of financial institutions, and in the wake of the Home Depot data breach, credit union leaders from coast to coast have been raising awareness about that disparity.
On Tuesday, The Gainesville Sun ran an op-ed by Patrick La Pine, president/CEO of the League of Southeastern Credit Unions, that discusses the need for stricter data security standards for merchants.
This follows California and Nevada Credit Union Leagues President/CEO Diana Dykstra's piece that was published in several California-based newspapers earlier this month (News Now Sept. 11).
"This latest breach demonstrates the need for data security requirements for merchants," La Pine wrote in The Gainesville Sun (Sept. 23). "Financial institutions, including credit unions, are subject to high data protection standards by law, while merchants are not subject to federal data protection standards; there is no merchant financial accountability."
La Pine also noted that the widely covered Target breach of late last year cost Florida credit unions more than $1.5 million, according to a survey by the Credit Union National Association, which also continues to urge Congress to pass stricter data security laws for merchants.
"If the Home Depot breach is larger, you can see that credit unions will have considerable expense on a breach that they did not cause," La Pine wrote.
The league president/CEO also pointed out that while EMV, tokenization and other technologies are critical to the payments system, until merchants are held to the same standards as financial institutions, credit unions have little confidence these technologies will result in improved member security.
To protect consumers, La Pine wrote, credit unions are asking lawmakers to pass legislation that encompasses the following principles:
Added La Pine: "All participants in the payment process have a shared responsibility to protect consumer data, but the law and the incentive structure today allows merchants to abdicate that responsibility, making consumers vulnerable and placing the burden on financial institutions."