NCL calls on gov't, business to better protect consumer data

Share this article:
Name.com, Facebook and Verizon are among the companies backing the newly-formed group.
Noting that consumers are being asked to provide more information than ever before and are less protected, the NCL has proposed reforms.

A consumer group is pushing business and government to adopt comprehensive reforms to better protect consumer data by among other things, urging lawmakers to pass a stringent national data breach notification bill and software vendors to not rely on patches to secure their products.

Noting that consumers are being asked to fork over more information, and that data breaches put that information at great risk, The National Consumers League (NCL), a 115-year-old consumer advocacy, has developed an awareness campaign and a list of reforms as part of a #DataInsecurity Project because “the landscape of protection for consumers is woefully inadequate,” concerns borne out by NCL's "The Consumer Data Insecurity Report: Examining the Data Breach—Identity Fraud Paradigm in Four Major Metropolitan Markets," based on recent research from Javelin Strategy & Research.

“Consumers are being asked to share more information with business, government and not-profits,” John Breyault, NCL's vice president, public policy, telecommunications and fraud, told SCMagazine.com Monday. “And the information is not always as protected as we think it should be.”

Initially convening late last fall at a conference to discuss identity theft, the group, which has been trying to hammer home the importance of online security for 20 years, changed its tactics in the wake of the Target breach.

“We realized we needed to rethink our approach and not just focus on the symptoms and ignore the larger issues,” Breyault said.

The NCL aimed its efforts at “what can be done by government and what incentives business needs” to bolster the security.

The Javelin research, which Breyault co-authored and which surveyed fraud victims in four major metropolitan areas — Washington, D.C., Minneapolis, Miami and Los Angeles — found that victims, nearly a third of whom take no action in the aftermath of fraud, blame businesses and banks for breaches. And, the bulk, 70 percent, “expect the federal government to ensure that businesses adhere to data security standards” though they also see existing regulations as “generally insufficient.”

The NCL intends to put pressure on lawmakers to come up with a national data breach bill, modeled after the tough, no-nonsense California legislation.

Noting that there is broad agreement that data is at risk and therefore should be a bipartisan effort, Breyault noted that data security legislation has been “held up for years in Congress,” with the exception of the recent progress made regarding information-sharing. And with only about “four weeks left until Congress recesses,” he doesn't expect legislative action any time soon.

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.