The Oregon Biz Report - Business News from Oregon

Read about accutane journal moderate acne here

National Retail Federation: Data breach law needed now

September 15, 2017

Retailers Cite Equifax As Need For Uniform Data Breach Law

J. Craig Shearman

National Retail Federation

“Hackers do not discriminate as to the type of business they attack.”

The National Retail Federation and other industry associations are telling Congress that any new federal law on data breach notification should apply to all industries that handle consumer data, citing the recent breach at the Equifax credit reporting agency.

“The fact is that hackers do not discriminate as to the type of business they attack,” NRF and the other groups said in a letter to House and Senate leadership of both parties. “Every industry sector – whether consumer-facing or business-to-business – faces data security threats that may put consumer data at risk.”

“To protect customers and ensure effective public policy, Congress should ensure that any federal breach notification law applies to all affected sectors and leaves no holes in our system for some industries that criminals can exploit,” the letter said.

The letter was signed by NRF, NRF’s National Council of Chain Restaurants, and associations representing convenience stores, truck stops, gasoline stations, grocers, real estate agents, franchises and the travel industry.

Citing the 2017 Verizon Data Breach Investigations Report, the letter noted that the financial services industry accounts for 24.3 percent of all data breaches while retail represents only 4.8 percent. More than 80 percent of all breaches take place in industries other than those signing the letter.

The letter asked for a uniform national law to replace existing state laws, reasonable data security standards, Federal Trade Commission enforcement, and a requirement that all breached entities be obligated to notify consumers when they suffer a breach of sensitive information that creates a risk of identity theft or financial harm.

Equifax announced last week that it had been the victim of a massive data breach that compromised information ranging from names to Social Security numbers for as many as 143 million individuals. The breach, which began in mid-May, was discovered on July 29 but not disclosed for more than a month.

NRF has long called for a uniform federal data breach law to replace separate and often-conflicting laws in 48 states and the District of Columbia that are confusing for consumers and create compliance challenges for multi-state retailers. NRF has argued that the new federal law should cover banks, card processors, telecommunications companies and all other entities that handle sensitive consumer data, not just retailers. By contrast, banks and other industries have pushed for breach notification legislation that would subject retailers to stringent bank-style security rules while banks themselves would be subject only to discretionary guidance.

 

  
Print This Post Print This Post    Email This Post Email This Post

Discuss this article

no comments yet

Leave a Reply

Your email address will not be published. Required fields are marked *

Please answer the following question to confirm that you are a real person: *

Top Business News

 

Top Natural Resource News

 

Top Faith News

 

Copyright © 2017, OregonReport. All Rights Reserved. | Terms of Use - Copyright - Legal Policy | Contact Oregon Report

Stay Tuned...

Stay up to date with the latest political news and commentary from Oregon Business Report through daily email updates:

Delivered by FeedBurner

Prefer another subscription option? Subscribe to our RSS Feed, become a fan on Facebook, or follow us on Twitter.

RSS Twitter Facebook

No Thanks (close this box)