New Senate bill tackles merchant data protections
WASHINGTON (5/1/15)--A coalition of six Democratic senators introduced a data protection bill Thursday that would, in part, require companies that store sensitive personal or financial information on 10,000 customers or more to meet specified consumer privacy and data security standards to keep this information safe, and notify the customer within 30 days of a breach.
CUNA strongly advocates for improved merchant data protection standards--ones that mirror credit unions' own Gramm-Leach-Bliley Act standards--that will ensure consumers' sensitive data will be protected.
Sens. Patrick Leahy (Vt.), Al Franken (Minn.), Elizabeth Warren (Mass.), Richard Blumenthal (Conn.), Ron Wyden (Ore.) and Ed Markey (Mass.) introduced the Consumer Privacy Protection Act of 2015.
Other key provisions of the bill include:
On the House side of the Capitol, earlier this month the House Energy and Commerce Committee passed the Data Security and Breach Notification Act of 2015 (H.R. 1770) by a 29-20 vote.
The bill would require certain entities that collect and maintain personal information to secure such information and provide notice to individuals if the information is breached or exposed. CUNA opposes the data breach bill saying it falls far short in protecting consumers.
According to CUNA, strong data breach legislation should entail:
CUNA currently supports S. 961, data security legislation introduced by Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.). The Carper-Blunt bill is representative of the financial industry's core data security principles, and CUNA will be working with the financial services industry to advocate for its passage.