Newsroom

February 04, 2015

Thaler pushes data security suggestions with lawmakers

NAFCU's Brad Thaler continued the association's press for legislation addressing the onslaught of data security breaches in a letter Wednesday to a Senate Commerce subcommittee, which holds a hearing today on that topic.

Thaler, NAFCU's vice president of legislative affairs, thanked Consumer Protection, Product Safety, Insurance, and Data Security Subcommittee Chairman Jerry Moran, R-Kan., and Ranking Member Richard Blumenthal, D-Conn., for scheduling today's hearing. He also gave suggestions to guide any legislative solution addressing data breaches, including:

  • ensuring that breached entities be accountable for costs resulting from their negligence;
  • ensuring that consumers are notified of breaches and made aware of retailers' data security policies; and
  • ensuring that account servicers are notified.

NAFCU, with other financial trade groups on Tuesday, sent a similar letter in preparation for today's hearing.

The full Senate Commerce, Science and Transportation Committee held a hearing Wednesday on cybersecurity. During the hearing, Ranking Member Bill Nelson, D-Fla., highlighted the hardships consumers face after a data breach as they scramble to protect their identities, replace credit cards and recover funds taken from their accounts.

While questioning witnesses, Sen. Joe Manchin, D-W.Va., said businesses at fault for a data breach should be held financially responsible. He said businesses need incentives to invest in the best technologies and adopt practices to prevent breaches.

The hearing largely dealt with cybersecurity framework released by the National Institute of Standards and Technology last February. Hearing witnesses, including NIST Director of the Information Technology Laboratory Charles Romine and representatives from the U.S. Chamber of Commerce and Financial Services Roundtable, said the framework's voluntary nature has contributed to its success.

NAFCU Senior Vice President of Government Affairs and General Counsel Carrie Hunt this week also reiterated the importance of coupling cybersecurity measures with a national data security standard for retailers.