Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

Washington
CU/merchant parity in data rules a must: CUNA to lawmakers
WASHINGTON (3/6/13)--Inconsistent data security standards need to be addressed before a solution to merchant data breaches can be achieved, the Credit Union National Association said in a Wednesday letter to the U.S. Congress.
 
The letter was sent for the record of a House Financial Services subcommittee on financial institutions and consumer credit entitled "Data Security: Examining Efforts to Protect Americans' Financial Information." Subcommittee members Rep. David Scott (D-Ga.) and Spencer Bachus (R-Ala.) during the hearing queried government witnesses on the need for merchants to be under uniform data security and consumer notification standards.
 
CUNA, the National Credit Union Administration and others have recently called for data security standard parity between merchants and financial institutions.
 
"Simply put: credit unions and other financial institutions are subject to high data protection standards under the Gramm-Leach-Bliley Act; merchants are not. When merchant data breaches occur, financial institutions--not merchants--bear the costs of replacing credit and debit cards and fraud costs," CUNA President/CEO Bill Cheney wrote.
 
The Target data breach cost credit unions an estimated $30.6 million, and future fraud could increase these costs, CUNA said. Merchant data breaches are a top credit union concern. "It is an issue of such great concern because these breaches cost credit unions and their members significantly, and they divert resources from other credit union activity, including lending," Cheney wrote.
 
"Until and unless merchants are held accountable for the damages that breaches to their systems cause financial institutions and consumers, we have little confidence that they will be incentivized to properly secure their systems," the letter added.
 
To address credit union data security concerns, CUNA suggested that Congress:
  • Hold all payment system participants to comparable levels of federal data security requirements;
     
  • Hold those responsible for the data breach responsible for the costs of helping consumers; and
     
  • Ensure consumers know where their information was breached.
"Credit unions also support legislation that requires merchants to provide notice to those consumers affected by a data breach, and permits credit unions to disclose where a breach occurs when notifying members that their account has been compromised...Consumers need transparency and knowledge to understand where their data has been put at risk," the letter said.
 
CUNA also encouraged the committee to hold additional data breach hearings.
 
For the full letter, use the resource link.
Other Resources

CUNA Letters to Congress
RSS





print
News Now LiveWire
16.9% of U.S. homeowners underwater, down from peak 31.4% in 2012, reports @zillow http://t.co/EbILqY1HMz
40 minutes ago
Breaking at #NewsNow: President Obama signs IOLTA bill into law. http://t.co/5N741Bygmn
2 hours ago
.@edmunds says the week between Christmas and New Year's is the busiest car shopping time of the year.
3 hours ago
.@CFPB sues Sprint for cramming 3rd-party service fees onto consumers' bills http://t.co/mhlMWqLKku
3 hours ago
#HomeDepot #databreach lawsuits consolidated in Georgia http://t.co/A4bei5z0mV
4 hours ago