Retailers want gaps in data breach notification bill fixed
Retailers are fighting for tighter data breach notification legislation.
Retailers, along with the National Retail Federation, told the House Financial Services Committee on Wednesday, March 7, that additional attention is needed when drafting data breach notification legislation. Specifically, they want to ensure that appropriate data security standards are in place, and that no industries that handle sensitive data are exempt.
The committee is slated to meet Wednesday afternoon on legislative proposals regarding data breaches, including a draft bill released last month. According to a letter addressed to the panel, the draft currently exempts financial institutions and a poorly defined group of “service providers.”
It also sets “one-size-fits-all” data requirements rather than tailoring rules for the type of data a business holds. Finally, it would require the Federal Trade Commission to take a “punitive” approach to enforcement where fines could be imposed even before standards are set.
“The legislation being considered by the committee is an important step forward, but has significant loopholes that would allow major data breaches to be kept secret from the public,” said NRF VP and senior policy counsel Paul Martino. “We want to work with the committee to develop an airtight bill that covers all industries and ensures that all data breaches are subject to notification no matter where they occur.”
In a separate statement from the committee, NRF said the Gramm-Leach-Bliley Act of 1999 does not require financial institutions to disclose data breaches despite banks’ claims to the contrary. While the law does set data security standards for financial institutions, it does not address breaches. Further, regulatory banking guidance issued in 2005 leaves the decision of disclosing beaches up to the impacted bank.
NRF believes including banks under mandatory notification requirements is important because they account for five times as many breaches as retailers, according to the 2017, according to the “Verizon Data Breach Investigations Report.” The study includes breaches in a wide variety of industries, not just those that are legally required to report their breaches.
NRF said data security requirements should be “risk-based,” and consider the nature of businesses covered, and the sensitivity of the data they handle. Instead, the legislation draft imposes regulations designed for the nation’s largest Wall Street banks onto small Main Street businesses that handle little sensitive data.
NRF also said U.S. banks should issue chip-and-PIN credit cards — which reduces the incentive for hackers to steal card data — to help reduce data breaches. Existing chip-and-signature cards do not stop card numbers from being used either in stores or online, meaning that the incentive to steal numbers remains.
These are not new suggestions from the NRF. Rather, the organization has long called for a uniform federal data breach law to replace separate, and often-conflicting, laws in 48 states and the District of Columbia. Overall, NRF argues that the new federal law should cover banks, card processors, telecommunications companies and all other entities that handle sensitive consumer data.
No comments found
A healthy mix of new formats, concepts
Don’t be fooled: There is still plenty of life left in physical retail — and not just for the short term. The industry is ripe with new formats and new concepts.
What’s especially heartening is that the development is coming from digitally native upstarts and familiar, longstanding brands. Even the founder of Tom’s of Maine has thrown his hat in the ring, with a sustainable apparel concept called Rambler’s Way.
Here’s a look at some of the activity:
Dyson Demo: Dyson Demo, from the British brand best known for its vacuum cleaners, made its U.S. debut with a flagship in Manhattan. Designed to encourage people to try out and understand Dyson technology, the 3,100-sq.-ft. store is sleek, futuristic and totally hands on.
Dry Goods: After flying under the radar for several years, this subsidiary of Von Maur Department Stores is spreading its wings a bit. Dry Goods, which offers on-trend junior women’s apparel and accessories from a variety of brands amid a hip, vintage-style backdrop, will open 12 stores throughout the Midwest this year.
Everlane: The socially minded, digitally native brand has opened its first permanent locations (in New York City and San Francisco) in a push to expand with key locations nationwide. With no signage or mannequins, Everlane stores have a minimal, uncluttered look that’s perfectly in sync with the brand’s online identity. The stores even live up to Everlane’s promise of transparency, offering takeaway cards with information on its factories around the globe.
FAO Schwarz: The venerable toy retailer is making a comeback, with plans to open, in partnership with the Hudson Group, a chain of FAO Schwarz-branded airport shops in the United States and Canada. It’s a smart move given the explosive growth of airport retail. Also in the works: a flagship at New York’s Rockefeller Center.
Land’s End: The longtime specialty apparel company is doubling down on bricks-and-mortar, with plans to unveil a new retail concept (in Chicago) this year, and four to six additional locations. It expects to open 40 to 60 stores during the next five years.
Riley Rose: Forever 21 goes deep into beauty — mostly of the indie kind — with its new freestanding lifestyle concept. Awash in pink hues, product demos and Instagrammable moments, Riley Rose is a young beauty lover’s paradise — with a smattering of fun home goods and sweet treats.
Reserve: Starbucks has big (1,000 stores) plans for its new upscale coffee/café concept, which debuted in Seattle. The marketplace-style format combines higher-end coffees with freshly-made Italian goods and p.m. cocktails.
Roots: A new experiential format brings the Canadian sportswear brand’s heritage to life. A leather customization workshop lets shoppers view Root’s handcrafted process. Shoppers can also customize their own products. The brand is looking to ramp up its U.S. store footprint during the next few years.
Universal Fashion: The plus-size “inclusive” women’s apparel brand known for its sleek, stylish fashions has amassed a cult following. Flush with a new round of funding, it plans to expand its retail format (two showrooms) nationwide.
The retailers above are just the tip of the iceberg. There are plenty more in the offing — or at least in the pipeline.
No comments found