Mitigating losses from data breach remains a top credit union priority, CUNA wrote to Rep. Bob Latta (R-Ohio), chair of the House Energy and Commerce subcommittee on digital commerce and consumer protection Friday. CUNA’s letter comes as CUNA launches its Stop the Data Breaches campaign under its Member Activation Program.
Data breaches that expose card information and consumers’ personally identifiable information, such as what happened with the 2017 Equifax data breach, cost credit unions and their member owners enormous sums of money and, in the case of Equifax, give criminals much personal information which can be used to directly defraud credit unions and other financial institutions.
The letter notes the multiple ways credit unions see losses due to merchant data breaches, and highlights that due to being member-owned, these credit union losses directly impact the membership as a whole.
“CUNA favors data security legislation that places liability on a business that loses consumer information through a data breach and creates a mechanism for those harmed by the breach to recover losses from the breached entity. Although we believe breached entities should be responsible to others harmed from the breach, we believe Congress should consider how a member of a member-owned financial institution is harmed in multiples ways by a data breach,” the letter reads. “Absent specific liability requirements, CUNA would not support legislation that diminishes a credit unions ability to recover through common law or other state provisions.”
CUNA priorities for data breach legislation include:
CUNA also signed into a letter with other financial trade organizations Friday, outlining the need for data breach legislation.