Rarely do community banking advocacy groups and credit union associations agree, yet alone agree strongly enough to sign the same letter to Congress. On Thursday, the ICBA, the ABA, the Credit Union National Association and the Financial Services Roundtable all joined with organizations from across the economy in a letter urging Congress to develop stronger legislation pertaining to data breaches.
Last year saw a number of such breaches, perhaps most notably at the credit reporting agency, Equifax. With that in mind, these groups and associations hope to see consumers better protected.
“Consumers’ private information is extremely important to them, and Congress must act to better protect them,” said Jason Kratovil, the vice president of government affairs for payments at the Financial Services Roundtable. “For the first time in over a decade, the banking, payment, retail, telecommunication and technology industries have come together to call on Congress to enact national data security legislation. Congress should harness this momentum and quickly deliver a bill to the President’s desk.”
Also signed by the Consumer Bankers Association, the National Association of Federally-Insured Credit Unions and 16 other trade groups, the letter was sent directly to the chairman of the House Energy & Commerce Committee, Rep. Greg Walden (R-OR), and the chairman of the Subcommittee on Digital Commerce and Consumer Protection, Reb. Bob Latta (R-OH).
“Data security impacts every sector of the economy,” the letter reads. “We therefore look forward to working with you and your colleagues to ensure that all sectors employ sound data security and alert consumers when a breach may result in identity theft or other financial harm.”
The letter featured distinct elements to include in legislation, such as:
• A flexible, scalable standard for data protection factoring in the size of an organization and the cost of implementation compared to the risk inherent to the personal information held.
• Required notifications in a timely fashion to impacted customers, law enforcement and applicable regulators whenever a breach has possibly occurred.