Today, U.S. Representative Ed Royce (R-CA) questioned representatives from both the financial services and retail industries on consumer data security, data breach notifications, and cyberattacks during the House Financial Services Committee hearing “Protecting Consumers: Financial Data Security in the Age of Computer Hackers.”
“When a data breach occurs, how should we allocate financial responsibility for that breach? For example, if a breach of sensitive customer information occurs at a financial intuition and it is shown that the institution did not protect the customer information as Gramm-Leach-Bliley requires, do you agree that the financial institution should be responsible for the cost of that breach?” questioned Rep. Royce.
“We believe that the entity that was negligent, or entities plural, should be responsible for their negligence,” replied Tim Pawlenty, President and Chief Executive Officer of the Financial Services Roundtable.
“Should the same be true of a merchant? If there is a breach with a high-likelihood of harm being done to the consumer should the merchant be responsible for the costs associated with that breach to the extent that the entity has not met minimum security requirements?” continued Rep. Royce.
“Absolutely,” replied Pawlenty.
Royce continued, “It has been proposed by some that consumers should receive notification of …read more
Source:: U.S. Rep. Ed Royce