The National Retail Federation reiterated support for federal data breach notification standard as congressional panel held a hearing on this issue

Law Should Cover All Entities that Maintain Personal Information

WASHINGTON, 2015-1-28 — /EPR Retail News/ — The National Retail Federation reiterated its long-standing support for a federal data breach notification standard today as a congressional panel held a hearing on this issue, saying legislation should provide consumers with clear, concise and consistent notice whenever and wherever a data breach occurs.

“A single uniform national standard for notification of consumers affected by a breach of sensitive data would provide simplicity, clarity and certainty to both businesses and consumers alike,” NRF Senior Vice President for Government Relations David Frenchsaid. “A federal breach notification law would ensure reasonable and timely notice to consumers while providing clear compliance standards for businesses.”

French’s comments came in a letter to members of the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing and Trade, which is holding a hearing today on what should go into a notification bill.

For the past decade, NRF has called on Congress to pass a federal data breach notification law that would cover all entities that receive, handle and maintain sensitive personal information. NRF believes a national standard would provide retailers a practical framework to handle consumer notification and must preempt the 47 disparate state data breach notification laws retailers now comply with.

“If Americans are to be adequately protected and informed, any legislation to address these threats must cover all of the types of entities that handle sensitive personal information,” French said. “A federal notice obligation applying to all breached businesses would also create significant incentives across industries to invest in technologies to better protect data and to respond appropriately to breaches whenever and wherever they occur.”

“Regrettably, there are those who are spending time and resources casting blame on the victims of cybercrime, but retailers are actively engaged every day in efforts to protect their customers against those who commit the crimes,” French said commenting on the hearing. “Whether pushing for Chip and PIN credit cards or voluntarily and proactively initiating information-sharing platforms, retailers are less interested in finger pointing and far more interested in collaborating with multi-industry stakeholders and law enforcement to stop these crimes from happening in the first place.”

NRF is the world’s largest retail trade association, representing discount and department stores, home goods and specialty stores, Main Street merchants, grocers, wholesalers, chain restaurants and Internet retailers from the United States and more than 45 countries. Retail is the nation’s largest private sector employer, supporting one in four U.S. jobs – 42 million working Americans. Contributing $2.6 trillion to annual GDP, retail is a daily barometer for the nation’s economy. NRF’s This is Retail campaign highlights the industry’s opportunities for life-long careers, how retailers strengthen communities, and the critical role that retail plays in driving innovation. nrf.com

###

Stephen E. Schatz
202-626-8119
press@nrf.com
(855) NRF-Press