On Feb. 26, the House Financial Services and House Energy and Commerce both held hearings on the issue of data/cybersecurity.  The following issues of interest to credit unions emerged from those meetings:

  • While encouraging that data security is being recognized as important, unfortunately the issue is migrating and is becoming no longer a matter of merchant liability. Now, it seems to be entirely a matter of consumer protection of private data, which is important. For credit unions, however, it is equally important for retailers to be held accountable.
  • House Financial Services will markup and pass Maxine Waters’ bill that addresses credit bureau handling of consumer data. That is expected to occur before the end of April and the full House is likely to pass the Waters bill in some form.
  • Senate Banking Chairman Mike Crapo yesterday said “data security will be a major focus” for his Committee, which will likely develop its own legislation.
  • Sources close to the LSCU say the Waters’ approach could result in “scrubbed” credit reports that are not useful to lenders in making credit decisions.  It seems legislators are trying to balance consumer protections with legitimate need for accurate and available credit reports.
  • It is disappointing that in these meetings, there is no conversation about specifically requiring retailers to do more.

Data security will be a major focus for credit unions during the CUNA GAC next month.  The League will continue to keep credit unions updated on the issue.