WASHINGTON (1/24/14)-- The issue of data security, as the result of data breaches such as at Target, ebbs and flows--but it keeps coming back because safeguards are not taken to stop the breaches from happening, a top Credit Union National Association advocate says in American Banker, a trade publication.
CUNA Senior Vice President of Legislative Affairs Ryan Donovan said in a Jan. 23 article in the Banker that "in the six to 10 weeks after a breach, there's a lot of attention given to this issue, but as the headlines fade so does the attention."
"What doesn't change is that this issue keeps coming back, and it keeps coming back because safeguards aren't taken to keep these breaches from happening," he said.
The article noted: "The theft of personal data on as many as 110 million Target customers over the holidays--followed by reports of a similar attack at Neiman Marcus--has spurred calls for new congressional hearings on the issue, proposed legislation to protect consumer information and competing letters to Congress from Washington trade groups representing the financial services and retail industries."
In fact, CUNA--back on Jan. 3--sent a letter to House Financial Services Committee Chairman Jeb Hensarling (R-Texas) and Rep. Maxine Waters (D-Calif.) , the committee's ranking Democrat, encouraging the U.S. Congress to conduct hearings regarding the Target breach, to "fully examine the chronic issue of merchant data breaches, their impact on consumers and financial institutions."
CUNA President/CEO Bill Cheney wrote in that letter, "Failure to hold merchants fully accountable for data breaches when they occur ultimately harms consumers, undermines their confidence in our payments system, and adds to their growing frustrations that government is not protecting their interests."
The American Banker article noted that Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.) recently reintroduced a bill to require all entities involved in card payments to do a better job in protection consumer's information and to set national consumer notifications standards in the event of a breach.
In the article, CUNA's Donovan called the Carper legislation a "good start," but said CUNA is pushing that any data security bill include additional provisions, including language to require that the breached entity, such as Target, to be responsible for the ensuing costs.
"When there's a breach like this, the cost of making sure the consumers are protected is covered by the financial institution that issues the card," he said. "We're the ones making the decision to reissue the card and monitor the accounts, and we also have the obligation to notify the consumer."
Among others quoted in the article were Edward Mills, a policy analyst at FBR Capital Markets, and Mark Calabria, a former Senate Banking Committee staffer and now director of financial regulation studies at the Cato Institute.