Category Archives: attorney general

Attorney General. Data Broker Law. To write your states law with Business Guidance.

IN 2018, Vermont became the first state to regulate data brokers.

What is a data broker? 

  • A business that
  • knowingly collects and sells or licenses to third parties
  • brokered personal information of a consumer
  • with whom the business does not have a direct relationship

What business guidance did the Vermont Attorney General offer?

  • If Vermont courts do not have jurisdiction, then this law does not apply to a business
  • Does it establish an opt out requirement for consumers? no
  • Will businesses…

Lege TREND. State passes Equifax Fix. State Attorney General Proposes More Fixes. 2 Key Points.

In 2018, Vermont passed a data breach notification bill to address the Equifax data breach.

Vermont’s Attorney General is Recommending the following additional legislative fixes:

  • Create a new statewide office, Chief Privacy Officer,  charged with ensuring the state establishes best practices for handling Vermonters’ personal information
    • the position would advocate for additional privacy protections for citizens & hear concerns
  • Stronger protections for student data by educational…

Lege TREND. Fake Constituent Written Suport.

The allegations of fake constitutent support:

  • Comments to the FCC over net nuetrality rules
  • Of 20 million comments, almost 50% were provided without consent

The investigations:

  • FBI issuing subpoenas
  •  New York Attorney General with support of Attorneys General of Massachusettes and the District of Columbia

Targets of the subpoenas:

  • 14 organizations
  • 11 of which are either politically conservative or related to the telecommunications industry and opposed net neutrality, and three of which…

Regulatory TREND. Texas Attorney General Investigating Marriott Breach. 3 Key Points.

  • Lots of potential Texas impact.  potentially 100s of 1000s of Texans “vulnerable to the nightmare of identity theft”
  • massive hack.  “compromising the personal information of up to 500 million guests”
  • enforcement actions include:

Texas Attorney General Office | AG Pax­ton Begins Inves­ti­ga­tion Into Mar­riott Data Breach…

Lege Trend. 4 Data Security Law Recommendations. State Attorney General.

The State Attorney General, who recommended that Washington State require breech notification when more than 500 Washingtonians are impacted, recommends the following changes to the law after data breeches increase by 26% in the last year:

  • Reduce the deadline to notify affected individuals of a breach to 30 days after the breach is discovered;
  • Require preliminary notification to the Attorney General’s Office of a breach within 10 days after the breach’s discovery; and
  • Expand the definition…

3 Ways State Attorneys General Control Data Security Policy

  • Create policy by litigating
    • ex: suits to support online privacy could be the new tobacco lawsuit
  • Blocking Federal Policies
    • Repulican Attorneys General sued Obama Administration 46 times in 8 years
    • Democratic Attornesy General have sued the Trump Administration 35 times in year 1
  • Crafting policy by managing State-level settlements delivering big headlines and fast payouts
    • ex: Equifax settlements

Forbes | How state attorneys general are driving tech policy

+1 State Suing Over Equifax Breach. The Facts:

State: West Virginia

The lawsuit by the West Virginia Attorney General:  Violation of the the state’s Consumer Credit and Protection Act  

The potential penalty: $150,000 for each security breach and $5,000 for each violation of each of the 730,000 West Virginians affected by the Equifax breach

The statement from the WV Attorney General:

“Equifax’s failure to secure consumers’ personal information constitutes a shocking betrayal of public trust and an egregious violation of West Virginia…

Data Security Issues at the Conference of Western Attorneys General. 5 Topics. 2 Enacted Laws

Conference of Western Attorneys General will be discussing the following data security issues this year:

  • data privacy, cybersecurity, and digital piracy
  • breach notification
  • the European Union’s data protection regulations
  • national security & cybersecurity intersection
  • FinTech

Enacted Laws to be highlighted:

  • Arizona’s Regulatory Sandbox Program, signed into law by Governor Doug Ducey on March 22, 2018
  • Arizona House Bill 2154 into law on April 11, 2018 that prioritize data privacy in…

Regulatory TREND. State Attorney General. Launches Searchable Data Breach Database.

The Delarware Attorney General launched a new webpage that has 4 data secuity resources:

  • Online Reporting of Data Security Breaches
  • Data Security Breach Notice Database
  • Model Form for Providing Notice to Consumers and Other Affected Persons
  • Links to Online Cybersecurity Resources

Delaware.gov | Attorney General Denn Announces New Online Data Security Breach Reporting Resource

3 Reasons 30+ State Attorneys General Opposition to Federal Data Breach Preemption.

32 Attorneys General oppose federal preemption of state data security laws because:

  • Reduces state enforcement by allowing entities to decide if a breach needs to be reported
  • Prevents proactive action by consumers in state law, which states currently have
  • Leaves a vacant enforcement loophole for breaches that impact fewer than 5000 

Pocono News | PA attorney general seeks stronger enforcement of data breach notification laws

Bi partisan Attorneys General Letter Opposing Federal Data Security…