Financial Groups’ Latest Campaign: “Stop the Data Breaches”
In the latest chapter of the long-running policy dispute between retailers and the financial industry over who is responsible for improving consumer data security, an array of financial groups has launched a new campaign to pressure Congress to pass legislation requiring more protections from merchants.
The financial industry is getting frustrated by the slow progress on a key piece of data-security legislation sitting in Congress. So to play up the impact of the measure, financial groups are amplifying a new call to action.
The “Stop the Data Breaches” campaign aims to draw attention to the costs associated with merchant data breaches and make the case that legislative action is needed. It’s backed by seven trade groups: the American Bankers Association, the Consumer Bankers Association, the Credit Union National Association, the Independent Community Bankers of America, the Financial Services Roundtable, the National Association of Federal Credit Unions (NAFCU), and The Clearing House.
The groups support the Data Security Act, versions of which (H.R. 2205 and S. 961) are up for a vote in the House and Senate.
According to an NAFCU survey, the average cost of a merchant data breach in 2014 was $226,000. And some, such as Target’s infamous 2013 breach, cost retailers tens of millions. The Target breach, among others, has made data security a touchstone issue for the financial sector.
“Credit unions and other financial institutions are continuing to pay the tab for retailer data breaches, and consumers’ data remains vulnerable,” Brad Thaler, vice president of legislative affairs at NAFCU, said in a news release.
But retailers claim that provisions in the bill that would require merchants to beef up data protection measures and consumer notification practices would add unnecessary red tape for small businesses. In an op-ed for The Hill last year, National Retail Federation Senior Vice President for Government Relations David French lobbed the ball back to the credit card companies, saying the financial industry needs to do more to secure chip-based cards.
“Rather than wasting time with a new scheme to regulate Main Street businesses already too busy just trying to stay afloat, Congress should take concrete steps to make sure the credit card cartel finally does the right thing and makes its cards secure,” French wrote. “Replacing signatures with PINs would be a good first step.”
The financial industry coalition is promoting the Stop the Data Breaches campaign this week with online ads and one in the print edition of The Hill.
“Financial institutions have had this obligation for 15 years, and it’s long overdue for Congress to pass legislation ensuring that everyone has a similar mandate to keep customer data safe,” Jason Kratovil, vice president of government affairs for payments at FSR, said in a news release.