46 Attorneys General Asking Congressional Leadership to
Preserve Role of States in Investigating Data Breaches
Attorney General George Jepsen has cosponsored a letter joined by 46 fellow attorneys general from across the country calling on Congressional Leadership to preserve states' abilities to investigate and take action in response to data breaches affecting their citizens. The letter asks federal lawmakers, who are currently considering proposals for a national law on data breach notification and data security, not to preempt state laws in this area.
In a letter sent to Senate Majority Leader Mitch McConnell, Speaker of the House John Boehner, Senate Minority Leader Harry Reid and House Minority Leader Nancy Pelosi today, the attorneys general identified the significant harm consumers can experience after a data breach and the role that states have played in developing and enforcing data breach and data security legislation.
"It would be a serious error for the federal government to preempt states from investigating and enforcing data privacy and security laws," said Attorney General Jepsen. "When I came into office in 2011, it quickly became clear that data security was a growing problem. State lawmakers and state attorneys general have met this problem head-on by enacting and enforcing laws meant to protect consumers and requiring the safeguarding of personal information. State attorneys general, often working together on a bipartisan basis, have become experienced, nimble and effective investigators while also working proactively within the business community to promote increased awareness and best practices. My office alone has received over 400 data breach notifications each year since our breach notification law was amended in 2012 to require notification to my office. To suggest that federal law enforcement officials would have the resources and ability to follow up on every single breach notification in order to protect consumers in the same manner in which attorneys general now operate is, I believe, misguided."
Eight bills are currently pending before Congress relating to data security and data breach notification. While the proposals differ in the substantive protections they would provide to consumers, all but one would preempt state laws and enforcement efforts.
Jepsen co-sponsored his letter with Attorneys General from Arkansas, Indiana, Illinois, Maryland, Massachusetts and Nebraska, and is joined by Attorneys General from a total of 47 states and territories.
Assistant Attorneys General Michele Lucan and Matthew Fitzsimmons, head of the Privacy and Data Security Department, are assisting the Attorney General with this matter.
Robert S. Blanchard
Facebook: Attorney General George Jepsen