By Frank Keating, Richard Hunt, Jim Nussle, Tim Pawlenty, Camden R. Fine, B. Dan Berger and Jim Aramanda
When consumer expectations don’t match reality, things can go terribly wrong.
Americans expect companies with which they do business to protect their sensitive personal and financial data. Yet, the reality is American consumers are under constant threat of identity theft and fraud due to lax security practices that leave the door open to cyber criminals.
In some sectors, where the nature and sensitivity of consumer data has always been obvious, such as banking and health care, Congress long ago aligned consumer expectations with federal requirements to keep customer information safe. The reality of today’s interconnected, data-driven world means other less-obvious sectors like retail handle and store much of the same sensitive data.
As is often the case, technology and innovation have far outpaced the existing body of laws and regulations designed to keep consumers safe. Expectations that sensitive personal and financial data is being kept safe are not being met, and Congress needs to act.
Despite the alarming rise in the number and sophistication of cyber threats and merchant data breaches, no federal standard for protecting consumer data at retailers and other firms that handle sensitive financial information exists. Sens. Roy BluntRoy BluntSenators hope for deal soon on mental health bill Cruz: VA secretary 'should resign' Overnight Defense: VA chief 'deeply' regrets Disney remark; Senate fight brews over Gitmo MORE (R-Mo.) and Tom CarperTom CarperFinancial industry spars with retailers over data breach bill Week ahead: Cyber Command in the spotlight Lawsuit exposes M cybertheft through banking software MORE (D-Del.) and Reps. Randy NeugebauerRandy NeugebauerOvernight Finance: GOP's budget 'SWAT' team | What to watch at IRS impeachment hearing | Sanders bucks Dem leaders on Puerto Rico bill Overnight Cybersecurity: Clinton email hacker to plead guilty Financial industry spars with retailers over data breach bill MORE (R-Texas) and John Carney (D-Del.) have stepped in to help.
With approximately 200 million electronic payment transactions daily – 2,300 transactions per second – Blunt, Carper, Neugebauer and Carney want to ensure a customer’s sensitive personal and financial information are secure at every point in the payment process. That is why they have introduced S. 961/H.R. 2205, the Data Security Act of 2015 – bills that provide a reasonable, flexible and scalable solution to better protect consumers and their hard-earned money.
These bills recognize today’s savvy cyber criminals are seeking out the weakest link in the payment system. Businesses of any shape and size are susceptible to breaches that can result in drained accounts, racked up credit card bills, and stolen identities. That’s why these measures are modeled after existing law that provides a successful framework used by the financial sector, a diverse industry in which one-size-fits-all regulations rarely work. Rather, the standards can be tailored to avoid unnecessary burdens on small businesses and take into consideration the size, scope, and type of financial information businesses hold.
When it comes to ensuring consumer expectations of data security are met, “bank-like” should be the baseline standard by which other industries are measured. Securing consumer information should be a priority for every industry. Blunt, Carper, Neugebauer and Carney have adeptly crafted bills that would ensure all parties in the custody of sensitive consumer information take reasonable precautions to protect this information before a breach occurs. It’s time to do what’s best for consumers. We urge everyone involved in the payment system and entrusted with consumers’ financial information to rally behind effective legislation to better protect consumers and strongly support the Data Security Act of 2015.
Keating was the Republican governor of Oklahoma from 1995 to 2003 and is currently president and CEO of the American Bankers Association; Hunt is president and CEO of the Consumer Bankers Association; Nussle was Republican congressman from Iowa from 1991 to 2007 and is currently president and CEO of the Credit Union National Association; Pawlenty was Republican governor of Minnesota from 2003 to 2011 and is currently president and CEO of the Financial Services Roundtable; Fine is president and CEO of the Independent Community Bankers of America; Berger is president and CEO of the National Association of Federal Credit Unions; and Aramanda is president and CEO of The Clearing House. Their organizations are members of the Financial Services Data Security Coalition.