Out of all governmental agencies, state attorneys general are likely to have the greatest impact on privacy enforcement in 2020 for the average business. Over the past few years, state AGs have taken an increasingly active role in privacy and data security matters, using their broad consumer protection authority to enforce rapidly evolving state laws and investigate data security lapses. Even more recently, state AGs have begun to step out of their typical enforcement roles to pursue policy and legislative initiatives.… More
Category Archives: Cybercrime
Cybersecurity 2018 – The Year In Preview: State Enforcement Trends
As state Attorneys General continue to flex their muscles in response to serious data security lapses nationwide, patchwork enforcement continues. Strategies employed by state Attorneys General in response to nationwide data breaches are as diverse as the profusion of data security threats alarming consumers on a daily basis. The recent Equifax data breach offers a prime example. The disparate reactions of Massachusetts, California, Texas and New York reflect the various tools at the disposal of state AGs in the increasingly difficult struggle to protect consumer information,… More
The Massachusetts Attorney General’s Complaint Against Equifax
As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax.
- The 28 page complaint is summed up on paragraph 4:Consumers do not choose to give their private information to Equifax, and they do not have any reasonable manner of preventing Equifax from collecting, processing, using, or disclosing it. Equifax largely controls how,…
CyberOhio Initiative – An Update from the Ohio AGO
We recently posted on the Ohio Attorney General’s CyberOhio initiative and forecasted that the Ohio Attorney General might be the first of many Attorneys General to join forces with industry in the struggle to protect consumer information. Ohio Deputy General Counsel Craig Rapp, Director of CyberOhio, contacted our blog not only to agree with our prediction, but also to shed more light on what is transpiring in his state. … More
Friend or Foe? State Attorneys General Start to Change Their Tune on Industry & Cybersecurity
Should businesses be thought of as victims or bad actors when it comes to data breaches? State attorneys general are embracing the idea that businesses are not necessarily adversaries in the struggle to protect sensitive consumer information. Over the past several years state attorneys general have exerted efforts to both educate businesses as to their data privacy responsibilities, and collaborate with businesses in constructing more robust cybersecurity policies. The spotlight now is on the Ohio Attorney General,… More
The Future of Data Privacy Regulation in Massachusetts? AG’s Office Foreshadows State Action on Consumer Data in First-of-its Kind Conference
What is the future of data privacy regulation in Massachusetts?
On March 24, 2016, the Massachusetts Attorney General’s Office gave us a glimpse. In collaboration with Harvard’s Berkman Center for Internet and Society, and MIT’s Internet Policy Research Initiative and Computer Science and Artificial Intelligence Laboratory, the AG’s Office convened a “Forum on Data Privacy.” In this first-of-its-kind conference,… More
New Credit Card Security Doesn’t Go Far Enough
Co-written by Jon Hurst
This entry originally ran as an op-ed in the September 25, 2015 edition of The Boston Globe.
Hardly a week goes by without a news report of a new cyberattack. As any consumer affected by fraud knows, the harm is real. The impact on businesses, government, and other targets is also real, and includes monetary harm and reputational damage that can devastate those so reliant on the trust of their customers.… More