Given that there is no federal law regulating data breaches, most states have created their own rules on data breach disclosures. And state attorneys general (AGs) are interested in keeping it that way, Politico reports. While a federal baseline law would be welcome, the report notes that state AGs want to keep their laws in place. “States have been the leaders, the cops on the beat defining what is reasonable and not reasonable for their own states and heading up investigations on data breach cases for as long as there have been such things,” said Maryland Attorney General Doug Gansler. “It’s almost always a local issue. … We actually get things done.” Editor's Note: Divonne Smoyer, CIPP/US, and Aaron Lancaster, CIPP/US, recently examined the privacy protection efforts of AGs in the Privacy Perspectives post, “Think the FTC Is the De Facto U.S. Data Protection Authority? State AGs May Have Something To Say.”
If you want to comment on this post, you need to login.