NEW: HFSC votes for bill with stricter merchant data security standards

December 9, 2015

WASHINGTON (12/8/15 UPDATED 10:15 a.m. ET)--The House Financial Services Committee just passed the CUNA-supported Data Security Act of 2015 (H.R. 2205) in a 46-9  vote.

Data security legislation with more stringent security standards for merchants has long been a top advocacy priority for CUNA. CUNA’s efforts to support such legislation only intensified after the Target data breach of 2013, which exposed millions of cards and cost credit unions at least $30 million.

“The House Financial Services Committee voted today to protect consumers by strengthening our country’s data security laws. The CUNA-backed Data Security Act will prevent breaches by providing a higher standard for all who accept payments, better notification procedures and a federal law that will replace the cumbersome patchwork of state laws,” said CUNA President/CEO Jim Nussle. “We thank the members of the committee who voted in favor of protecting the American consumer, and urge House leadership to quickly bring the legislation to the House floor.

“Until retailers adhere to the same standards that financial institutions are beholden to, millions of consumers will remain at risk,” Nussle added.

The House bill, introduced by Reps. Randy Neugebauer (R-Texas) and John Carney (D-Del.), would create a single data security standard for all entities that handle sensitive consumer information.  The federal standard would be scalable to an entity’s size and would supersede the current regulatory patchwork of state standards.

Also very important to credit unions, the bill would allow card issuers to disclose and identify to members or customers the details of a data breach, which would deflect reputational risk to financial institutions for breaches that occur through retailers’ systems.

H.R. 2205 also provides federal regulators the authority to enforce the provisions of the bill, if enacted into law.

The bill also recognizes that credit unions and other financial institutions already have strict data security standards set forth under the Gramm-Leach-Bliley Act, and thus does not impose any additional standards on them.

CUNA issued an action alert this week to engage credit unions members in support of H.R. 2205, urging them to contact their legislators.

The Data Security Act of 2015 has a Senate equivalent bill, S. 961, that was introduced by Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.).

The committee also voted 40-16 to approve the National Credit Union Administration Budget Transparency Act (H.R. 2287). The bill, strongly supported by CUNA, would require the NCUA to hold hearings and accept comments on its budget.

CUNA said the budget bill would promote more efficient use of NCUA funds, which primarily come from credit unions, and would increase transparency and accountability at the agency.

See tomorrow’s News Now for more coverage of today’s markup.