Merchant Data Breaches

Impact

Retailers do not face the same strict data security standards that financial institutions are subject to under Gramm-Leach-Bliley (GLBA). Major merchant data breaches expose credit unions to significant monetary costs and reputational risk. 

CUNA continues to work with coalition of financial services industry members to enact legislation requiring strong data security standards for retailers. 

Where We Stand

CUNA continues to support legislation that would provide: 

  • Strong national data protection and consumer notification standards with effective enforcement provisions. 

  • Recognition of robust data protection and notification standards to which credit unions and banks are already subject. 

  • Preemption of inconsistent state laws and regulations in favor of strong Federal data protection and notification standards. 

  • Ability for credit unions and banks to inform customers and members about a breach, including where it occurred. 

  • Shared responsibility for all those involved in the payments system for protecting consumer data. The costs of a data breach should ultimately be borne by the entity that incurs the breach.

What We've Told Lawmakers & Regulators
Show All

Related Issues