By Camden R. Fine
June 18, 2015 at 5:00 am ET
Recently, I was taken aback by the retail industry’s brazen attack against Representatives Randy Neugebauer (R-Texas) and John Carney (D-Del.) for introducing legislation to help stem the tide of recent data breaches that happen disproportionately at “big box” retailers.
If retailers were concerned about the impact of their massive data breaches on their customers, they would be sitting down with these members of Congress to help craft legislation that better protects consumers—not trying to demonize them and their efforts through the press. If retailers were to enter into a constructive dialogue with Neugebauer, Carney and the greater financial services industry, then they might see that the security standards these lawmakers are proposing would enhance consumer protections nationwide.
The Data Security Act of 2015 (H.R. 2205) would establish a scalable and flexible national data security and notification law in place of the current patchwork of state laws. The act would require any business that maintains sensitive personal and financial information—including banks, credit unions, verified retailers and data brokers—to implement and enforce reasonable policies and procedures to protect the confidentiality and security of sensitive information from unauthorized use.
If the retailers were at the table, they might recognize that financial institutions have successfully adhered to similar standards since the Gramm-Leach-Bliley Act was enacted back in 1999. These standards apply to the smallest church basement credit union and Main Street community bank—but not to multi-billion-dollar retailers such as Target and Home Depot that have exposed the sensitive personal data of millions of consumers.
While the status quo reigns supreme for the retail industry, it wreaks havoc on the average consumer’s personal data, which is woefully under-protected when entrusted to retailers.
The efforts of Reps. Neugebauer and Carney to consider stronger, more flexible, and evenly applied data security and notification standards should be applauded, not demonized. The financial services industry is at the table working with these and other members of Congress to find ways to better protect average consumers, who also happen to be our customers and neighbors. There is a spot at the table for the retailers to enter into this thoughtful dialogue. We’re waiting…
Camden R. Fine is president and CEO of the Independent Community Bankers of America.