Draft legislation addressing data breaches was released Friday, two days after a CUNA witness testified before a House Financial Services subcommittee on how these breaches harm credit unions. The draft bill, from Reps. Blaine Luetkemeyer (R-Mo.) and Carolyn Maloney (D-N.Y.), contains the principles CUNA's witness said should be part of any legislation.
“We thank the House Financial Services Committee for its attention to this issue this week, and to Reps. Luetkemeyer and Maloney for announcing this bill,” said CUNA President/CEO Jim Nussle. “We laid out in our testimony this week, and in past communications to Congress, what principles should be a part of data breach legislation. While changes to this legislation are bound to happen, it contains the essential principles we believe must be in any federal data breach legislation, and we’ll continue our engagement as the bill moves through the legislative process.”
The draft bill contains the following CUNA-backed principles:
A flexible, scalable data protection standard;
A notification regime requiring timely notice to impacted consumers, law enforcement and applicable regulators;
Enforcement of the new national standard by the Federal Trade Commission and state attorneys general;
Does not exclude a private right of action; and,
Clear preemption of the existing patchwork of often conflicting and contradictory state laws.