Democratic members of the House Financial Services committee have called on Chairman Jeb Hensarling (R-Texas) to hold a full committee hearing on the Target data breach.
“We note that the Committee’s oversight plan for the 113th Congress states that building on the Committee’s long-standing role in developing laws governing the handling of sensitive personal financial information about consumers including the Gramm-Leach-Bliley Act and the Fair and Accurate Credit Transactions Act, the Committee will continue to evaluate best practices for protecting the security and confidentiality of such information from any loss, unauthorized access, or misuse,” the 17 congressmen and women wrote in a letter on Friday.
The letter is signed by Democrat congressmen and women including Ranking Member Maxine Waters (Calif.), Carolyn Maloney (N.Y.), Lacy Clay (Mo.), Daniel T. Kildee (Mich.), Terri A. Sewell (Ala.), James A. Himes (Conn.), Gary C. Peters (Mich.), Gwen Moore (Wis.), Denny Heck (Wash.), Michael E. Capuano (Mass.), Kyrsten Sinema (Ariz.), Emanuel Cleaver (Mo.), Ed Perlmutter (Colo.), David Scott (Ga.), Stephen F. Lynch (Mass.), Gregory W. Meeks (N.Y.) and Bill Foster (Ill.). “It is incumbent upon our Committee to explore whether industry data protection standards are appropriate, and examine whether heightened regulatory standards are needed to more effectively protect consumers,” the letter said. “A hearing would provide members the opportunity to hear from regulators and the industry to learn what steps merchants, financial institutions, payment processers, card networks and others should take to reduce vulnerabilities in the payment system, and strengthen measures that protect consumers from fraud,” they wrote.
Both NAFCU and CUNA have written letters to the House and Senate leadership requesting hearings on data security after the Target breach, which affected more than 70 million people.
“Neiman Marcus Inc. and the Target Corporation are just the latest in a string of large-scale data breaches impacting millions of American consumers. The aftermath of these and previous breaches demonstrate what we have been communicating to Congress all along: credit unions and other financial institutions – not retailers and other entities – are out in front protecting consumers, picking up the pieces after a data breach occurs,” said NAFCU President/CEO Dan Berger in a letter to Senate Majority Leader Harry Reid and Minority Leader Mitch McConnell on Monday.
“It is the credit union or other financial institution that must notify its account holders, issue new cards, replenish stolen funds, change account numbers and accommodate increased customer service demands that inevitably follow a major data breach,” he added.
NAFCU has also called on Congress to pass legislation that would hold retailers to the same standard as financial institutions in protecting consumers’ personal information.
John McKechnie, industry lobbyist who is a partner with the Washington-based firm Total Spectrum, said it’s possible the retail industry will oppose any and all attempts to improve data security and provide relief to consumers, but encouraged credit unions to stand up for what's right.
“Unlike the situation involving debit interchange and the Durbin Amendment, which was sold as a way to lower costs, this is a case where millions of consumers have been harmed,” he said. “Credit unions have a case to make, and we should make it."