CUNA to Congress: Data security is a national security issue

WASHINGTON, DC (March 27, 2019) — Credit Union National Association (CUNA) is urging Congress to recognize data security as an issue of national security. The trade organization advocating for America’s 115 million credit union members today sent letters for the record ahead of two data privacy hearings on Capitol Hill.

Data privacy and security have become major concerns for consumers as concern over misuse of personally identifiable information (PII) by businesses and foreign states increases with every breach misuse of this data. Since 2005, there have been more than 10,000 data breaches, exposing as nearly 12 billion consumer records – costing credit unions, banks and consumers hundreds of millions of dollars.

Credit unions operate under the Gramm-Leach Bliley Act (GLBA) and are examined by regulators, such as the National Credit Union Administration (NCUA) and Consumer Financial Protection Bureau (CFPB), to ensure they are compliant to requirements for information security, privacy and the disclosure of nonpublic personal information to third-parties. However, current law is not secure as some entities that collect and hold PII, such as retailers and other merchants, are not subject to security standards as financial services providers.

The letters address several principles that credit unions seek to advance for Federal privacy and data security legislation, including:

  • Data privacy and security are hand in glove;
  • Everyone should follow the same rules;
  • There should be one rule for the road;
  • Breach disclosure and consumer notification are important but these requirements alone won’t enhance security or privacy; and
  • Hold entities that jeopardize consumer privacy and security accountable through private right of action and regulatory enforcements.

Europe’s General Data Protection Regulation (GDPR) and California’s California Consumer Privacy Act (CCPA) show that foreign governments and states are not willing to sit on the sidelines and neither should Congress. Action is required to ensure that all Americans can enjoy robust protection of their most important personal data from misuse and theft.

Although GLBA has served the financial services industry well, CUNA believes Congress must work with the Administration and industry to address consumer data privacy in a more meaningful way.

Senate Commerce Subcommittee on Manufacturing, Trade and Consumer hearing letter here.

Committee on Oversight and Reform Subcommittee on Economic and Consumer Policy hearing letter here.

About CUNA

Credit Union National Association (CUNA) is the only national association that advocates on behalf of all of America’s credit unions, which are owned by 135 million consumer members. CUNA, along with its network of affiliated state credit union leagues, delivers unwavering advocacy, continuous professional growth and operational confidence to protect the best interests of all credit unions. For more information about CUNA, visit To find your nearest credit union, visit


CUNA Communications


More News