May 01, 2014

White House backs data breach notification

wc1May 2, 2014 – A White House working group on big data and privacy is recommending passage of a national data breach standard, a key element of NAFCU's five-point plan for regulatory relief.

The recommendation is one of several included in a report announced Thursday following a 90-day review of big data and privacy. While the White House's fact sheet on the report boasts the value of big data in medical treatments, economic impacts and fraud prevention, it also notes concerns about its impact on the balance of power, personal privacy and discrimination.

"No matter how quickly technology advances, it remains within our power to ensure that we both encourage innovation and protect our values through law, policy, and the practices we encourage in the public and private sector," the fact sheet says.

Recommendations from the working group, led by White House counselor John Podesta (see his blog post), also include:

  • advance the Consumer Privacy Bill of Rights, which the White House recommended in 2012;
  • extend privacy protections to non-U.S. persons;
  • ensure data collected on students in school is used for educational purposes;
  • expand technical expertise to stop discrimination;
  • amend the Electronic Communication Privacy Act.

NAFCU, amid ongoing reports of merchant data breaches at Michaels Stores, the Target breach and others, is continuing to press lawmakers for action on national standards on data security and breach notification for merchants. Credit unions and banks are already subject to such standards under the Gramm-Leach-Bliley Act, but merchants are not.