Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
CUNA tells Congress: Data security's very framework must be addressed
WASHINGTON (2/3/14)--Congress should take a broad look at how consumer data is secured and the improvements that are necessary to prevent future breaches from taking place, the Credit Union National Association said in a letter submitted for the record of a Senate Banking Committee data security hearing scheduled this week.

The hearing, entitled "Safeguarding Consumers' Financial Data," follows last year's Target data breach. That breach resulted in the theft of 40 million debit and credit cards, and encrypted PIN data, and the names, mail and email addresses, and phone numbers of up to 70 million individuals. Credit unions have already incurred costs estimated to be in the range of $25 million to $30 million as a result of the Target stores data security breach, according to a CUNA survey.

In a letter sent today to Senate Banking national security and international trade and finance subcommittee Chairman Mark Warner (D-Va.) and Ranking Subcommittee Member Mark Kirk (R-Ill.), CUNA President/CEO Bill Cheney encouraged Congress to take a holistic approach to addressing data security issues.

"Focusing on one payment method as the absolute answer to solving data security breaches is both shortsighted and distracts from the greater need of a federal data security framework for all entities," he wrote.

"Data breaches occur, in part, because merchants are not required to adhere to the same statutory data security standards that credit unions and other financial institutions must follow, and merchants are rarely held accountable for the costs others incur as a result of the breaches. All participants in the payment process have a shared responsibility to protect consumer data, but the law and the incentive structure today allows merchants to abdicate that responsibility, making consumers vulnerable," Cheney said.

He noted the many steps credit unions have taken since the breach to protect their members, and said some credit unions also face reputational damage due to the breach.

Cheney in the letter said credit unions support three basic principles for data security fixes:
  • All participants in the payments system should be responsible and be held to comparable levels of data security requirements;
  • Those responsible for the data breach should be responsible for the costs of helping consumers; and
  • Consumers should know where their information was breached.
"Consumers need transparency and knowledge to understand where their data has been put at risk," Cheney added.

Similar points will be raised in separate letters to the House Energy and Commerce subcommittee on commerce, manufacturing, and trade and the Senate Judiciary Committee. Those groups have set their own data security hearings for this week. (See Jan. 31 News Now: House, Senate add data security hearings to next week's agenda.)
RSS





print
News Now LiveWire
CUNA: CUNA offices closed through Friday, News Now returns Monday http://t.co/a5xbLzQKDj
12 24 ago
Reminder: @CUNA's Madison, D.C. offices will be closed through Friday, open again on Monday. #NewsNow will publish Monday.
12 23 ago
MI dentist to match @CUDirect's $20K to @HurleyMedical as a result of #20for20 online voting http://t.co/hqmIc9LpK1 @CMNHospitals
12 23 ago
New #creditunion chartered in St. Louis - #LutheranFCU - by @TheNCUA http://t.co/faPfANGS0P. Only 3rd new FCU charter this year.
12 23 ago
Don't get hacked during the holidays-use these tips from @CUNA http://t.co/jEqxni6NhO #StoptheDataBreaches http://t.co/woIxPOIyys
12 23 ago