news.cuna.org/articles/105940-cuna-for-hearing-record-breach-debate-must-be-all-about-protecting-consumers

CUNA for hearing record: Breach debate must be all about protecting consumers

May 15, 2015

WASHINGTON (5/15/15)--CUNA submitted a strong statement, both solo and jointly with its coalition partners, this week to the U.S. House Financial Services Committee on the issue of data security. The committee held its first hearing on data security topic since the massive Target data breach in late 2013, and CUNA’s letters were sent for the hearing’s record.

“We encourage you to ignore the excuses, attempts to pass blame and efforts to make this a fight between business sectors,” CUNA President/CEO Jim Nussle wrote. “The debate on data security should be about protecting sensitive financial information, ensuring consumers feel confident that their data is secure, whether it’s where they shop, or at their financial institution.”

Nussle added that credit union responses to protect members in the wake of a breach, such as reissuing cards and notification, do not come without costs and can make a significant difference in the bottom line of not-for-profit institutions. This could interfere with the ability to offer services to members.

Rep. Jeb Hensarling (R-Texas), chair of the committee, said it is time for Congress to step up and make progress when it comes to protecting consumers.

Breach costs

Click image to enlarge

“Consumers shouldn’t be left to simply hope and pray their personal information will be safe every time they swipe their debit or credit card or enter their information online,” he said during his opening statement at the hearing. “They deserve protection.”

CUNA urged the committee to pass the Data Security Act of 2015 (H.R. 2205), which would ensure that all entities that handle consumers’ sensitive financial information have a robust process in place to protect data, thereby preventing data breaches.

CUNA has strongly supported H.R. 2205, which it calls a proactive approach, to help those without sufficient standards in place to establish those standards and drastically reduce the number of breaches.

From January 2005 to the present, more than 5,000 data breaches exposing more than 800 million records have occurred nationwide, according to the Identity Theft Resource Center. More than 100 million records have been exposed between January and May of this year alone.

According to the center, the retail sector accounts for the most breaches, at nearly 40%.

CUNA issued an action alert last week in support of the bill. Another action alert was previously issued by CUNA in support of a Senate equivalent bill, S. 961.

 The bill recognizes that it is not necessary to duplicate data protections in place by financial institutions, which are required under the Gramm-Leach-Bliley Act, and it would replace the current patchwork of state and federal data breach regulations with a strong national standard. 

For more coverage of the hearing, see "Reps., witnesses commend GLBA breach standards during hearing" in today's News Now