Lack of National Data Security, Privacy Law Harms Consumers | 2021-11-03

Data privacy and security remain a major concern for consumers and credit unions, CUNA wrote to a House Financial Services subcommittee on Wednesday ahead of its hearing on cyber threats.

“Credit unions strongly support the enactment of a national data security and data privacy law that includes robust security standards that apply to anyone who collects or stores personal data and that interferes with state laws,” the letter reads. “We firmly believe that there can be no data privacy until there is strong data security.

With that in mind, credit unions are calling on Congress to enact a robust national data security standard that includes all entities that collect consumer information and hold those who compromise that data accountable through regulatory enforcement,” it adds. . “Securing and protecting consumer data is important not only for their individual financial health, but also as a further safeguard against rogue international agents and interference by foreign governments.”

CUNA notes that since 2005 there have been more than 10,000 data breaches exposing nearly 12 billion consumer records, costing credit unions and consumers hundreds of millions of dollars and compromising privacy.

Credit unions are calling on the commission and Congress to follow the following principles for federal privacy and data security law:

  • New privacy and data security laws should keep the Gramm-Leach-Bliley Act (GLBA) intact as their financial services regulators have developed regulations, guidelines and procedures for compliance.
  • Any new privacy law must include both data privacy and data security standards.
  • The new law must apply to all companies, institutions and organizations.
  • Any new law must anticipate state requirements to simplify compliance and create equal expectations and protection for all consumers.
  • Breach notifications or disclosure requirements are important, but only these requirements
  • will not improve security or privacy
  • Hold entities that endanger consumer privacy and security accountable through regulation
  • enforcement
  • Recognize this problem for what it is: a matter of national security.


Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top