News Feed

Protecting Consumer Data Security: On Capitol Hill and Off

Thu, May 14, 2015

Columbia, Maryland

The Association’s Advocacy team continues to hit Capitol Hill in order to discuss with our delegation ongoing concerns and issues of importance to our member credit unions. Last week we met with the staff of six members of Congress and will continue to meet with additional offices over the next week.  We discussed several issues but none more important than protecting data security and breaches which continue to affect our members.  

We strongly support (as does CUNA) H.R. 2205 - To protect financial information relating to consumers, to require notice of security breaches… introduced by Rep. Neugebauer (R-TX) and co-sponsored by Rep. Carney (D-DE) as well as the more succinctly titled Senate companion bill S. 961 – Data Security Act of 2015, introduced by Sen. Carper (D-DE) and co-sponsored by Sen. Blount (R-MO).  Both bills would mandate a national data security standard and trigger mandatory public notification once a company or entity becomes aware of a breach affecting consumer data. 

Public and consumer notification would seem (at least) on the surface like an obvious area in which all sides could agree. However, scratch the surface and that’s simply not the case as large national merchants often through their trade associations continue to oppose the type of public transparency which credit unions and other financial institutions have been following under the Gramm–Leach–Bliley Act, also known as the Financial Services Modernization Act of 1999. According to projections by Consumer Reports, more than 70 million American adults had their personal data compromised in 2014.

Off the Hill, a number of credit unions and state leagues have joined CUNA as plaintiffs in a nationwide class-action lawsuit against Home Depot in connection with a September 2014 data breach. While the lawsuit will be neither a quick process nor a solution to the overall issue, it is a step in holding retailers accountable for the financial losses which accrue to credit unions members.  Target Corp. just recently announced an agreement to reimburse $19 million to financial institutions who had issued MasterCard-branded cards that were a part of the massive data breach at the retailer in 2013. Target said at least 40 million credit cards were compromised by the breach and the attack might have resulted in the theft of personal information from as many as 110 million people. According to news reports, Target is negotiating separately with Visa, Inc.   

Back on the Hill, an important hearing is taking place this week:

House Financial Services Committee

Hearing: “Protecting Consumers: Financial Data Security in the Age of Computer Hackers” 
Thursday, May 14, 2015, 10:00 AM in 2128 Rayburn House Office Building, Full Committee  

We have been informed by committee sources that it is not an accident that it will be a full Committee hearing, rather than simply a Subcommittee.  This is meant to show the seriousness accorded the issue by Chairman Hensarling (R-TX) and majority staff.  We will monitor, weigh in and push forward with our members of Congress and urge you to do the same (we can also assist you in easily reaching out) in support of H.R. 2205 and S. 961.

For more information contact: Glen Cooney - VP, Advocacy & Legislative Affairs / 443-325-0775 /