Ron Breaux in Bloomberg BNA Privacy and Security Law Report: Views on Lessons Learned from Payment Card Breaches


Payment card breaches at Target Corp. (12 PVLR 2133, 12/23/13) and Neiman Marcus Group Ltd. (13 PVLR 370, 3/3/14) have heightened congressional, consumer and company interest in data security issues.

Bloomberg BNA Privacy & Security Law Report Senior Legal Editor Donald G. Aplin posed a series of questions about the potential impact of the breaches for legislation and what companies should learn from the breaches to Ronald W. Breaux, partner, head of the Privacy and Data Breach Practice Group and co-chair of the Litigation Department at Haynes and Boone, LLP, in Dallas. He provided his insights April 10.

BLOOMBERG BNA: The confirmed payment card breaches at Target and Neiman Marcus have created lots of public and congressional interest. Does the fact that the Target breach of some 42 million payment cards is 10 times the number of cards involved in the 2008 Hannaford Brothers Co. grocery chain breach (7 PVLR 580, 4/21/08), and likely larger than the unknown number of accounts involved in the breach revealed by payment card processor Heartland Payment Systems Inc. in 2009 (8 PVLR 161, 1/26/09), really make a difference to create sustained interest this time to move the ball forward in Congress for a federal consumer data security/breach notification law?

Breaux: The Securities and Exchange Commission, the Federal Trade Commission and the Department of Health and Human Services have been very active in enforcing disclosure requirements and ensuring that businesses protect the personal information of American consumers.

But despite the fact that there have been several highprofile data breaches over the past 5–6 years, we have seen Congress fail on multiple occasions to pass federal data breach or cybersecurity legislation, including failed attempts to establish a national, uniform data
breach notification law. Accordingly, companies in all industries have been left to navigate a patchwork of notification laws across 46 states, the District of Columbia and a few U.S. territories.

Excerpted from Bloomberg BNA Privacy and Security Law Report, April 16, 2014. To view full article, click the PDF below.

BNA Privacy and Security Law Report - Views on Lessons Learned from Payment Card Breaches.pdf

Reproduced with permission from Privacy Law Watch, (Apr. 11, 2014). Copyright 2014 by The Bureau of National Affairs, Inc. (800-372-1033)


Email Disclaimer