Restaurant lobbyists are teaming up with their counterparts in retailing, lodging and other credit card-dependent industries to ensure that banks can’t continue to dodge responsibilities when a security breach occurs.
A letter delivered to the House of Representatives’ Financial Services Committee urges the lawmakers to include all companies that could be involved in a breach to be covered by any laws that come out of hearings that commence today. It notes that 24% of data breaches occur in the banking industry, yet those parties are spared under current law from having to alert affected consumers.
That privilege has long rankled restaurants, the parties who now shoulder the responsibility of alerting customers when hackers get access to credit card info. In other instances, financial institutions have sat on news of a breach, leaving restaurant customers vulnerable for days or even weeks.
The National Restaurant Association joined with the International Franchise Association, the National Retail Federation, the American Hotel & Lodging Association and seven other trade groups to urge in the letter that any new credit card security requirements apply to all affected parties.
“Congress should ensure that any federal breach notification law applies to all affected industry sectors and leaves no holes in our system that would enable some industries to keep the fact of their breaches secret,” it states.
The letter also asks the Financial Services Committee to promote only reasonable security requirements.
“America’s commercial businesses are remarkably diverse in size, scope and operations,” the communication states. “A reasonable standard, consistent with federal consumer protection laws applicable to businesses of all types and sizes, would allow the right degree of flexibility while giving businesses the appropriate level of guidance they need to comply.”
The Committee has not responded publicly to the business groups’ requests.