TMCnet News
NAFCU Urges Congress to Tackle Data SecurityWASHINGTON --(Business Wire)-- NAFCU today issued the following statement: Good evening, Below is NAFCU President and CEO Dan Berger's letter to House Speaker John Boehner and Minority Leader Nancy Pelosi reiterating NAFCU's call for Congress to tackle the issue of data security and to make it a priority in 2014. Members of the United States House of Representatives were copied on the letter. This same letter was sent to Senate Majority Leader Harry Reid and Minority Leader Mitch McConnell. Members of the United States Senate were copied on the letter. If you would like more information on this matter or would like to speak about this with a NAFCU expert, please let me know. Thank you.
Dana Kauffman
The Honorable John Boehner Re: Congress Must Make Data Security a Priority in 2014 Dear Speaker Boehner and Leader Pelosi: On behalf of the National Association of Federal Credit Unions (NAFCU), the only trade association exclusively representing our nation's federal credit unions, I write today to reiterate our call for Congress to tackle the issue of data security. As we first wrote to you back in February of this year as part of NAFCU's five-point plan on regulatory relief, we urge the House to tackle the issue of data security for personally identifiable and financial information. Just this morning, the Wall Street Journal reported Target (News - Alert) Corporation confirmed that nearly 40 million credit card and debit card accounts were compromised between November 27 and December 15, 2013. Data affected in the breach includes customer names, credit and debit card numbers, expiration dates, and CVV security codes. Now millions of American consumers will spend the holidays worrying that their personal financial data has been swiped because of where they did their holiday shopping. This massive data breach follows a host of others in recent years, not to mention smaller scale breaches that may not be picked up by the national media. Needless to say, the risk of a data breach continues to be a serious problem for both consumers and businesses. Every time consumers choose to use plastic cards for payments at a register or make online payments from their accounts, they unwittingly put themselves at risk. Many are not aware that their financial and personal identities could be stolen or that fraudulent charges could appear on their accounts, in turn damaging their credit scores and reputations. Consumers trust that entities collecting this type of information will, at the very least, make a minimal effort to protect them from such risks. Unfortunately, this is no always true. Financial institutions, including credit unions, have been subject to standards on data security since the passage of Gramm-Leach-Bliley. However, retailers and many other entities that handle sensitive personal financial data are not subject to these same standards, and they become victims of data breaches and data theft all too often. While these entities still get paid, financial institutions bear a significant burden as the issuers of payment cards used by millions of consumers. Credit unions suffer steep losses in re-establishing member safety after a data breach occurs. They are often forced to charge off fraud-related losses, many of which stem from a negligent entity's failure to protect sensitive financial and personal information or the illegal maintenance of such information in their systems. Moreover, as many cases of identity theft have been attributed to data breaches, and as identity theft continues to rise, any entity that stores financial or personally identifiable information should be held to minimum standards for protecting such data. Again, Target Corporation is just the latest in a string of several large-scale data breaches impacting millions of American consumers. The aftermath of these previous breaches demonstrate what we have been communicating to Congress all along: credit unions and other financial institutions - not retailers and other entities - are out front protecting consumers, picking up the pieces after a data breach occurs. It is the credit union or other financial institution that must notify its account holders, issue new cards, replenish stolen funds, change account numbers and accommodate increased customer service demands that inevitably follow a major data breach. Unfortunately, too often the negligent entity that caused these expenses by failing to protect consumer data loses nothing and is often undisclosed to the consumer. NAFCU urges Congress to make the issue of data security a priority in 2014, including convening hearings on the data protection standards of merchants and what can be done to strengthen them. Furthermore, we recommend Congress take action to enact provisions to protect consumers from breaches that compromise their financial and personally identifiable information. Data security is a common-sense bipartisan issue that must be addressed. With that in mind, NAFCU specifically recommends that the House make it a priority to consider and act on the following issues related to data security:
On behalf of our nation's credit unions and their 97 million members we thank you for your attention to this important matter. If my staff or I can be of assistance to you, or if you have any questions regarding this issue, please feel free to contact myself, or NAFCU's Vice President of Legislative Affairs, Brad Thaler, at (703) 842-2204. Sincerely,
B. Dan Berger cc: Members of the United States House of Representatives
|