American banks and retailers are sparring over whether financialfirms should follow a new national standard to quickly notifyconsumers when they've experienced a data breach.

Equifax Inc. said last week that it would notify an additional2.4 million consumers who were hacked during its massive databreach in 2017 — but a draft of a House bill with bipartisansupport would exempt the credit-reporting agency from the newrequirements.

The proposal, backed by Representative Blaine Luetkemeyer,a Missouri Republican, and Carolyn Maloney, a New York Democrat,would establish a federal mandate for when and how certaincompanies, like retailers, tell customers about a data breach.Financial institutions, would be exempt, because they already haveto adhere to the 1999 Gramm-Leach-Bliley Act, which establishesprivacy protections for consumers, according to Luetkemeyer'soffice. Equifax falls under that category because it collectssensitive financial information.

Complete your profile to continue reading and get FREE access to, part of your ALM digital membership.

  • Critical information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.