United States : Retailers Say Data Breach Notification Law Should Cover All Affected Businesses and 'leave No Holes'.
American consumers want to know if their data has been breached no matter where the breach occurs, NRF Vice President and Senior Policy Counsel Paul Martino said. No industry should be allowed to keep its data breaches secret.
The House Financial Services Committee is scheduled to hold a hearing on data breaches on Wednesday, and NRF is concerned that the session will lead to a repeat of unsuccessful 2015 legislation that would have made notification mandatory for retailers but voluntary for financial institutions. Banks will be represented at the hearing but retailers have not been invited. NRF prefers the approach being taken by the House Energy and Commerce Committee, which held a listening session last week where representatives of a cross section of industries that would be affected by a breach law were allowed to voice their concerns.
In a letter sent to the Financial Services Committee today, NRF, NRFs National Council of Chain Restaurants and other trade associations representing convenience stores, restaurants, truck stops, gasoline stations, grocers, real estate agents, franchises, hotels and the travel industry said they support a uniform federal law governing what business must do when credit card or other data is breached, but said it should apply to all businesses that handle sensitive consumer data.
Every industry sector whether consumer-facing or business-to-business suffers data security breaches that may put consumer data at risk, the letter said. To protect consumers comprehensively wherever breaches occur, Congress should ensure that any federal breach notification law applies to all affected industry sectors and leave no holes.
Citing the 2017 Verizon Data Breach Investigations Report, the letter noted that the financial services industry accounts for 24.3 percent of all data breaches while retail represents only 4.8 percent. More than 80 percent of all breaches take place in industries other than those signing the letter.
The letter asked for a uniform national law to replace existing state laws, establishment of reasonable data security standards, Federal Trade Commission enforcement, and a requirement that all breached entities be obligated to notify consumers when they suffer a breach of sensitive information that creates a risk of identity theft or financial harm.
NRF has long called for a uniform federal data breach law to replace separate and often-conflicting laws in 48 states and the District of Columbia that are confusing for consumers and create compliance challenges for multi-state retailers. NRF has argued that the new federal law should cover banks, card processors, telecommunications companies and all other entities that handle sensitive consumer data. By contrast, banks and other industries have pushed for breach notification legislation that would subject retailers to mandatory security rules while banks themselves would be subject only to discretionary guidance.
NRF is the worlds largest retail trade association, representing discount and department stores, home goods and specialty stores, Main Street merchants, grocers, wholesalers, chain restaurants and Internet retailers from the United States and more than 45 countries. Retail is the nations largest private-sector employer, supporting one in four U.S. jobs 42 million working Americans.
[c] 2018 Al Bawaba (Albawaba.com) Provided by SyndiGate Media Inc. ( Syndigate.info ).
|Printer friendly Cite/link Email Feedback|
|Date:||Feb 14, 2018|
|Previous Article:||Morocco : Morocco, Uruguay Vow to Strengthen Bilateral Ties.|
|Next Article:||United States : Jetstar Brings Nuance Nina-Powered Virtual Assistant "Jess" to Facebook Messenger in Industry First.|