On October 17, 2014, President Obama issued an Executive Order (“EO”) announcing a White House initiative called BuySecure.2 The President announced his EO in an address given at the Consumer Protection Financial Bureau (“CPFB”), where he identified data breaches as a growing threat to American consumers and outlined a number of efforts designed to help shore up payment information security and other areas of cybersecurity policy in the United States.
A component of the BuySecure initiative encourages the adoption of Chip-and-PIN technology into American point-of-sale transactions. The EO requires that the federal government incorporate Chip-and-PIN technology into all federal government credit cards and update federal government credit-card terminals to accept the technology. In his address at the CFPB, the President also noted that several of the nation’s largest retailers will be updating their point-of-sale terminals to accept the new technology early in 2015.
As the President explained in his address at the CFPB, the BuySecure initiative will also augment the resources available to those fighting and responding to identity theft. The Administration will support the Federal Trade Commission in expanding IdentityTheft.gov, an online portal for identity theft victims, and will also seek to increase information sharing between the government and the private sector to limit the scope and reach of data breaches. The President also expressed support for the private sector to make credit-score information more easily accessible.
The President also announced a forthcoming “Cybersecurity and Consumer Protection Summit,” which will take place in early 2015. In his address, the President explained that the Summit will assemble stakeholders from the financial sector to collaborate and share best practices, promote stronger security standards, and discuss the future of technologies that help protect consumers from financial harm. The President reiterated his desire for Congress to pass comprehensive data breach legislation and comprehensive cybersecurity legislation as key components of the Nation’s strategy to address these growing threats in the future.