Retailers and other firms involved in the payments process should be subject to the same data security requirements as banks, ABA President and CEO Frank Keating and other trade group CEOs said in an op-ed today published in The Hill newspaper. The CEOs expressed their support of the Data Security Act, legislation introduced by Sens. Roy Blunt (R-Mo.) and Tom Carper (D-Del.) and Reps. Randy Neugebauer (R-Texas) and John Carney (D-Del.) that provides “a reasonable, flexible and scalable solution” for protecting consumers against data breaches.
The act — modeled on the rigorous standards already in place in the financial industry under the Gramm-Leach-Bliley Act — would replace state data protection laws with a single set of national requirements and establish a national data security and breach notification standard for financial institutions and retailers.
“As is often the case, technology and innovation have far outpaced the existing body of laws and regulations designed to keep consumers safe. Expectations that sensitive personal and financial data is being kept safe are not being met, and Congress needs to act,” the CEOs said. ABA recently wrote to Congress in support of the bills, whose objectives are part of the association’s Agenda for America’s Hometown Banks.