In a letter to the U.S. Federal Trade Commission (FTC), lawyers for the National Retail Federation (NRF) tried to take down PCI, making an impassioned plea that the government not give any more clout to a standards body that is fully controlled by the card brands, including Visa and MasterCard.

Impassioned, but abstract. The NRF made its case almost entirely as a hypothetical, arguing that this kind of effort could in theory be used to advance an anti-consumer and anti-merchant agenda. This is odd, given that the PCI Council released Version 1.0 of its guidelines back in 2004 and has released many more over the years. If the NRF’s argument is solid, why after all these years couldn’t it flood the FTC with volumes of actual instances of abuse rather than still arguing the potential?

To read this article in full or to leave a comment, please click here