Are The Stars Aligning for Sensible Data Privacy Reform?

January 31, 2019 at 9:29 am Leave a comment

That’s the question I have been asking myself lately and I am cautiously optimistic that the answer is yes.

First there is Banking Chairman Mike Crapo’s list of his key priorities to this legislative session. Right after housing reform (more on that in future blogs) and further reforms to capital markets comes data protection, privacy and security. Courtesy of our good friends at Facebook, Russian hackers and massive data breaches such as that which occurred with Equifax, the American public has woken up to the dangers of unregulated data markets and poorly protected personal information.

Why is this important? Because for too long this debate has been framed as one between merchants who don’t think they should be subject to increased data security requirements and credit unions and banks which correctly argue that the current system imposes baseline federal and state data security standards on them which unregulated businesses simply undermine due to their lax in security standards.

In addition, this is a concern that is crossing party lines. Facebook’s image as the hip kid on the block has taken a huge hit not only because of the Russian campaign scandal but because of its hardball tactics employed against competitors who dare to criticize their business model.

Bottom-line: This is one of the few areas where we might be able to forge bipartisan support. Expect one of the big sticking points to be preemption. To me it makes sense to have a unified set of baseline data security standards and notification requirements but in talking to congressional staffers last year it’s safe to say that some in the House of Representatives vehemently disagree with this approach. They point to the cyber security regulations imposed on state chartered institutions in New York as an example of the type of regulations that shouldn’t be blocked by federal law.

Finally, recent rulings dealing with the Equifax data breach demonstrate why one of the issues that both state and federal legislators have to take a look at is standing. Before you can sue someone you have to demonstrate you are harmed by their actions. Although many litigants were recently allowed to continue their lawsuits against Equifax, the same Georgia court also ruled that only financial institutions which issued compromised cards that had to be replaced or which resulted in fraudulent transactions could demonstrate actual harm. (IN RE EQUIFAX, INC., CUSTOMER DATA SECURITY BREACH LITIGATIONMDL DOCKET NO. 2800 1:17-md-2800-TWT) The problem with this standard is that it does not adequately account for the harm done to banks and consumers simply by the fear that their compromised personal information may be used against them at a future time.

On that note, stay warm and enjoy the rest of your day.


Entry filed under: Advocacy, General, Legal Watch. Tags: , , .

Final Regulation Triggers Important Changes For Flood Insurance High Noon For NY Cybersecurity Compliance

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Authored By:

Henry Meier, Esq., Senior Vice President, General Counsel, New York Credit Union Association.

The views Henry expresses are Henry’s alone and do not necessarily reflect the views of the Association. In addition, although Henry strives to give his readers useful and accurate information on a broad range of subjects, many of which involve legal disputes, his views are not a substitute for legal advise from retained counsel.

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 587 other followers