Consumer Protection & Privacy

47 State AGs Ask Congress to Preserve Their Authority to Investigate Data Breaches

 by Siran S. FauldersSteve D. Rosenthal and C. Reade Jacob, Jr.

On July 7, 47 state attorneys general signed onto a multistate letter to the U.S. Congress emphasizing the importance of maintaining states’ authority to enforce data breach and data security laws, and their ability to enact laws to address future data security risks.  

The letter to Senate Majority and Minority Leaders, Mitch McConnell and Harry Reid, and Speaker of the House and House Minority Leader, John Boehner and Nancy Pelosi, comes on the heels of a number of federal data breach bills that would create a federal breach notification and data security law.  Eight bills are currently pending before Congress relating to data security and data breach notification.  All but one of the bills would preempt state laws and enforcement efforts.  

The letter by the state attorneys general called on the leaders of Congress to “not diminish the important role states already play protecting consumers from data breaches and identity theft.”  State attorneys general have played a significant role in investigating data breaches and ensuring that state notification requirements are met in the event of a data breach.  The 47 state attorneys general argue that states are better equipped than the federal government to “quickly adjust to the challenges presented by a data-driven economy,” and that states “have been able to amend their laws and focus their enforcement efforts on those areas most affecting consumers.”  Many companies, however, believe that the differing individual state notification standards are unwieldy to navigate in the event of a data breach. 

According to Connecticut Attorney General George Jepsen, “It would be a serious error for the federal government to preempt states from investigating and enforcing data privacy and security laws. …  To suggest that federal law enforcement officials would have the resources and ability to follow up on every single breach notification in order to protect consumers in the same manner in which attorneys general now operate is, I believe, misguided,” Jepsen stated in a press release.  

 Read more at Consumer Financial Services Law Monitor by Troutman Sanders LLP.  

Troutman Sanders LLP is an international law firm with more than 600 lawyers in 16 offices located throughout North America and Asia. Founded in 1897, the firm’s lawyers provide counsel and advice in practically every aspect of civil and commercial law related to the firm’s core practice areas: Corporate, Energy and Industry Regulation, Finance, Litigation and Real Estate. Firm clients range from multinational corporations to individual entrepreneurs, federal and state agencies to foreign governments, and non-profit organizations to businesses representing virtually every sector and industry. See for more information.

For more information about LexisNexis products and solutions, please connect with us through our corporate site. privacy