WASHINGTON (6/16/15)--An opinion editorial in The Hill’s “Congress Blog” that urged the U.S. Congress to act against cybercrime by passing the Data Security Act of 2015 ( S. 961/H.R. 2205) provided a lot of “street credibility” weighing in on the issue, including CUNA President/CEO Jim Nussle.
The op-ed was written by Nussle and other leaders of the Financial Services Data Security Coalition: Frank Keating, president/CEO of the American Bankers Association; Richard Hunt, president/CEO of the Consumer Bankers Association; Tim Pawlenty, president/CEO of the Financial Services Roundtable; Camden R. Fine, president/CEO of the Independent Community Bankers of America; B. Dan Berger, president/CEO of the National Association of Federal Credit Unions; and Jim Aramanda, president/CEO of The Clearing House.
The Hill singled out Nussle, Keating and Pawlenty for their political expertise, noting that Nussle was a Republican congressman from Iowa from 1991 to 2007. It pointed out that Keating was Republican governor of Oklahoma from 1995 to 2003, and Pawlenty was Republican governor of Minnesota from 2003 to 2011.
“Americans expect companies with which they do business to protect their sensitive personal and financial data,” wrote CUNA in the joint op-ed. “Yet, the reality is American consumers are under constant threat of identity theft and fraud due to lax security practices that leave the door open to cyber criminals.
“Literally hundreds of millions of debit and credit card accounts have been compromised at major retail locations. It is important to remember that behind each of these compromised accounts are everyday Americans who now have to deal with the raw and frightening consequences of having their virtual identity stolen. In 2014 alone, criminals stole $16 billion from more than 12.7 million fraud victims and, not surprisingly, two-thirds of those victims can be traced to data breaches. The stakes are high. And consumers are paying the price.
“In some sectors, where the nature and sensitivity of consumer data has always been obvious, such as banking and health care, Congress long ago aligned consumer expectations with federal requirements to keep customer information safe. The reality of today’s interconnected, data-driven world means other less-obvious sectors like retail handle and store much of the same sensitive data.”
Technology and innovation “have far outpaced the existing body of laws and regulations designed to keep consumers safe. Expectations that sensitive personal and financial data is being kept safe are not being met, and Congress needs to act,” said CUNA and its partners.
The group noted the sponsors of S. 961/H.R. 2205--Sens. Roy Blunt (R-Mo.) and Tom Carper (D-Del.) and Reps. Randy Neugebauer (R-Texas) and John Carney (D-Del.)--want to ensure a customer’s sensitive personal and financial information are secure at every point in the payment process.
“These bills recognize today’s savvy cyber criminals are seeking out the weakest link in the payment system,” said the op-ed. The measures “are modeled after existing law that provides a successful framework used by the financial sector, a diverse industry in which one-size-fits-all regulations rarely work. Rather, the standards can be tailored to avoid unnecessary burdens on small businesses and take into consideration the size, scope, and type of financial information businesses hold,” the group said.
“When it comes to ensuring consumer expectations of data security are met, ‘bank-like’ should be the baseline standard by which other industries are measured. Securing consumer information should be a priority for every industry,” CUNA and its partners said.