Protect American Data Instead of Bailing Out Mega Stores

COMMENTARY

The recent announcement of the Capital One-Discover merger has been escalating public attention on the ever-changing credit card payments industry. As consumer and lawmaker attention to this issue grows, proponents of a harmful new credit bill are using this opportunity to insert their own legislative agendas.

The bill, the Credit Card Competition Act, threatens to drastically change the way credit cards work in America in two major ways. 

Under the CCCA, routing decisions would move from the secure hands of banks and consumers to the oversight of corporate mega stores who have consistently put profit over security. 

A recent report from the Progressive Policy Institute gives greater insights into the ways that moving routing decisions from banks to retailers will lead to a heightened risk of data breaches. Banks and financial institutions spend billions of dollars on data security and understand the importance of using top-tier network security. Since banks work with sensitive credit cardholder information daily, they are understandably held to strict data security compliance requirements.

Meanwhile, retailers regularly fall victim to data breaches. Wawa, Home Depot and Target experienced malware attacks that compromised the credit and debit card data of over 127 million people. 

Most data breach cases occur because mega stores choose to cut corners with security matters at the expense of protecting their customers. Can you believe Home Depot did not have a chief information security officer until after their breach? Attorneys general in Wawa’s case stated that the company did not have “reasonable security measures in place to protect customer data.”

In the notable cases of these mega stores, none of these companies admitted to wrongdoing, essentially demonstrating not only a lack of responsibility but a lack of remorse for their actions and the danger they placed their customers in. 

Americans deserve further data protection in today’s day and age, not less. Our private data and financial information should be just that — private. 

But the CCCA will lead to less investment and less security. By choking off resources to financial institutions that have a strong record of security innovation and giving mega stores the chance to choose cheaper, less secure routing networks, we would be placing consumer data at further risk. 

Now, it is up to Congress to decide what’s more important — helping mega stores like Target and Walmart make a few extra bucks, or protecting the everyday consumer. In my eyes, it shouldn’t be a hard choice to make.

If elected officials want to truly protect Americans, they must reject the CCCA. Any legislation that comprises the data of Americans is not even worth their consideration. 

Richard Hunt is the Electronic Payments Coalition’s first executive chairman. Hunt is the former president and CEO of the Consumer Bankers Association, which he led for nearly 14 years, building the organization while leading its members through an unprecedented regulatory environment and an extraordinary era of technological change. EPC can be reached through their website.