The VA data-breach revelation has given rise to new concerns about data security at the Congressional level. As a result, the House Financial Services Committee this week pushed to have PCI standards enacted into law.
May 30, 2006
WASHINGTON - This week's disclosure of a massive data breach at the U.S. Veterans Administration gives momentum to legislation that would impose new penalties for poor data security, and allow consumers to "freeze" credit after personal information is stolen.
Several lawmakers cited the VA incident - which involved the theft of names, Social Security numbers and personal information from as many as 26 million military veterans stored on a computer disc - as the latest in a growing number of reasons why Congress needs to enact laws that address data breaches.
Rep. Darlene Hooley (D-Ore.) told the House of Representatives' Financial Services Committee that she wanted new funding to be made available for the VA to notify all affected veterans. She also asked that credit monitoring for those veterans be provided for six months - an expense that could cost tens of millions of dollars.
Financial industry lobbyists said the VA case gives impetus to enacting provisions that require entities responsible for a data breach, such as a third-party card processor, retailer or financial institution, to pay all costs associated with the remedies. That would include costs to notify customers, replace cards and resolve incidents of fraud.
Such a requirement is not currently in any of the data-security bills. Lobbyists say they are working with lawmakers to ensure banks and credit unions don't get stuck holding the bill. Others, like Rep. Deborah Pryce (R-Ohio), also a member of the Financial Services Committee, said government agencies like the VA and private-sector entities like processors, retailers and FIs should be responsible for expenses associated with customer notification after a data breach.
The 'freeze'
Another issue: Should customers be permitted to enact a "credit freeze" after incidents of fraud are discovered? Some lawmakers said such allowances would wreak havoc, as customers could have the option to freeze their credit every time they feel threatened.
Committee staffers also are pushing for a provision in data-security legislation that would enact Visa USA's and MasterCard International's Payment Card Industry standards into law. The standards restrict retailers from holding credit-card information after it's used. Recently, the holding of such data has been identified as one of the main sources of card compromises. (System leak compromises debit cards.)
At least six bills are moving in the House, and one is already before the Senate.