The Data Security Act of 2015 (H.R. 2205) took one step closer to becoming reality on Wednesday (Dec. 9) after it was voted out of the House Financial Services Committee, Credit Union Times reported. The bill passed on a 46-to-9 vote and would codify national security standards for retailers nationwide.
The bill was introduced by Rep. Randy Neugebauer (R-TX) and Rep. John Carney (D-DE).
Separately, during the bill markup, Rep. Brad Sherman (D-CA) said: “The best way to stop data breaches is to hold responsible the entities that hold the data.” And, he added, the bill itself “could achieve 99 percent of its purposes if it exempted 90 percent of the businesses in this country.” The argument there is that the legislation need not be sweeping or even national in scope. Moreover, he added that the typical small business owner would not necessarily be aware of or able to meet compliance standards, reasons why small businesses should be exempt.
The Electronic Payments Coalition released a statement praising the fact that the legislation has made it out of committee as of this week. The key, according to the group, is that retailers be held to “common sense data security standards” that have been used by the payments industry for years. The coalition said that the solutions that have been making their way through the payments industry are EMV, biometrics and tokenization. The “system is only as strong as its weakest link,” said the group, “and retailers have yet to adopt these same common sense standards.”
The support certainly seems to be broad, as 92 percent of voters — according to a poll conducted by Morning Consult — say that stores and retailers should adopt more robust security measures.