MasterCard 2009 Annual Report Download - page 41

Download and view the complete annual report

Please find page 41 of the 2009 MasterCard annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 156

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156

Government actions could curtail our ability to compete effectively against providers of domestic
payments services in certain countries, which could adversely affect our ability to maintain or increase our
revenues.
Governments in certain countries, such as Russia and India, have acted, or could act, to provide resources or
protection to selected national payment card and processing providers to support them or to displace us from,
prevent us from entering into, or substantially restrict us from participating in, particular geographies. Our efforts
to effect change in these countries may not succeed. This could adversely affect our ability to maintain or
increase our revenues and extend our global brand.
Regulation in the areas of consumer privacy, data use and/or security could decrease the number of
payment cards issued and could increase our costs.
We and our customers are also subject to regulations related to privacy and data protection and information
security in the jurisdictions in which we do business, and we and our customers could be negatively impacted by
these regulations. For example, in the United States, we and our customers are respectively subject to Federal
Trade Commission and banking agency information safeguard requirements under the Gramm-Leach-Bliley Act.
The Federal Trade Commission’s information safeguards rules require us to develop, implement and maintain a
written, comprehensive information security program containing safeguards that are appropriate to our size and
complexity, the nature and scope of our activities and the sensitivity of any customer information at issue. In the
United States, over the past several years a number of bills have been considered by Congress and there have
been several congressional hearings to address information safeguarding and data breach issues. Congress
continues to consider these issues which could result in legislation that would have an adverse impact on us and
our customers. For example, the United States House of Representatives has again passed comprehensive data
protection and information security legislation, as well as data breach notification legislation, which could
impose additional regulatory burdens on us and our customers. Similar legislation has not yet passed in the U.S.
Senate, and it is not clear whether legislation of this type will be signed into law. In addition, a large number of
states have enacted security breach legislation, requiring varying levels of consumer notification in the event of a
security breach, and several other states are considering similar legislation.
In the European Union, the European Parliament and Council have passed the European Directive 95/46/EC
on the protection of individuals with regard to the processing of personal data and on the free movement of such
data, which obligates the controller of an individual’s personal data to take the necessary technical and
organizational measures to protect personal data. This Directive has been implemented through local laws
regulating data protection in European Union member states to which we and our customers are subject.
Regulation of privacy and data protection and information security in these and other jurisdictions may
increase the costs of our customers to issue payment cards, which may decrease the number of our cards that they
issue. Any additional regulations in these areas may also increase our costs to comply with such regulations,
which could materially and adversely affect our profitability. Finally, failure to comply with the privacy and data
protection and security laws and regulations to which we are subject could result in fines, sanctions or other
penalties, which could materially and adversely affect our results of operations and overall business, as well as
have an impact on our reputation.
31