CFPB Issues Advisory Regarding Recent Retailer Data Breaches; Congressional Activity Increases

CFPB Consumer Complaints U.S. Senate Privacy/Cyber Risk & Data Security

On January 28, the CFPB issued a consumer advisory in response to recent reports of data breaches at several large retailers. In addition to providing tips for consumers in the wake of a retail breach, the advisory encourages card holders to submit complaints about debit and credit card issuers’ inadequate responses to consumer charge disputes related to data breaches.

The advisory is the first public response from the CFPB on data breach issues.  It follows a request last month from Senator Chuck Schumer (D-NY), a member of the Senate Banking Committee, that the CFPB conduct an investigation of the data breach and issue a “full report on the findings of its investigation -- informing the public of how this breach occurred, how consumers can protect themselves from similar attacks, and any further recommendations the CFPB may have for retailers to minimize the occurrence of similar breaches.”  Schumer also asked Director Cordray to “take a closer look at whether retailers systems should be required to transfer credit and debit card information as encrypted data. . . . The CFPB must ensure that necessary rules and standards for retailers are in place to validate consumers’ trust in the transaction process.”

Numerous congressional committees share jurisdiction over data breach issues. The Senate Banking Committee will be among the first to act with a hearing scheduled for February 3, 2014 that will feature governmental witnesses, as well as the views of the retailer and banking industries.