NRF outlines data breach blueprint

The malicious attack on Target which resulted in a massive data breach has spawned a “we’re all in this together” attitude among the nation’s retailers with the National Retail Federation spearheading the charge for common sense consumer protection measures.

Foremost among them is usage of the more secure Chip and PIN technology in credit and debit cards that offers better encryption of data than the magnetic stripe cards that are prevalent in the U.S.

“When it comes to sensitive bank card data, our partners in the financial industries also have a critical role to play in making sure their cards are secure. The retail industry is eager to work with them to fight cyber attacks,” according to a letter sent to NRF members by Mallory Duncan, the trade groups SVP and general counsel.

In addition to conversion to Chip and PIN, the NRF board unanimously agreed at its meeting on January 12 that the nation needs a federal cyber law that would allow for immediate sharing of information about the latest threats. In addition, the law would outline a comprehensive plan for the thorough investigation and prosecution of data crimes. The third priority agreed upon by the NRF board is a single federal breach notification law to replace the patchwork of 47 different state laws which would allow retailers to focus on a single law and simplify consumers understanding of their rights.

“We want a long-term solution and it is going to require all of us working and investing together to provide one answer. Retailers will do our part. But we cannot do this alone,” according to Duncan. “In the days ahead, the NRF will be working with retailers large and small, policy makers, trade associations, consumer protection advocates, law enforcement and other stakeholders to coordinate and advance a campaign that will ultimately result in consumer data protection.”