As the number of data breaches continues to grow and increase in severity and as the White House throws its weight behind data beach notification legislation, a credit union organization has beseeched Congress to create a bipartisan data breach working group.
Hit hard by the financial ramifications of breaches and likely to be hit even harder as they struggle to absorb the costs of payment card replacement and fraud, the credit unions asked legislators to consider a bicameral working group that could help “with developing legislative proposals to help prevent the massive data breaches that have exposed tens of millions of consumer debit and credit cards to fraudulent activity in recent months,” the National Association of Federal Credit Unions (NAFCU) said in a letter to leaders in both the House and the Senate.
Noting that breaches “in both the private and public sectors have the ability to cause irreparable harm to consumers everywhere” with ramifications that include “fraudulent account activity, working to repair credit score damage, and even identity theft,” the NAFCU made a case for credit union involvement legislation development since they “are on the front lines assisting their members in the wake of ongoing data breaches.”
The financial institutions “have a unique understanding of how detrimental such data breaches can be to consumers and small financial service providers,” the letter said.
Indeed, credit unions have been more vocal lately, lending their voice to a chorus clambering for clearer legislative guidance and to clarify responsibility for the cost of breaches.
In November NAFCU urged Congress to take proactive steps in establishing national data security standards for retailers, arguing that if action does not take place, Congress is allowing for the personal information of customers to be at risk, which ultimately ends up costing credit unions.
The call to action has built to a noisy crescendo in the wake of President Obama's proposal of a national data breach notification law prior to and during his annual State of the Union address.
The President's proposal spurred Sen. Bill Nelson D-Fla., ranking member of the Senate Commerce Committee, to announce that he is in the final stages of drafting the Data Security and Breach Notification Act of 2015, resurrecting previous similar legislation. The act would mandate a 30-day reporting standard, if passed, and supersede the 47 state data security and breach notification laws currently on the books.