47 state and territorial attorney generals have signed a letter urging Congressional leaders not to pass a national law on data breach notification and data security, arguing that “any additional protections afforded consumers by a federal law must not diminish the important role states already play protecting consumers from data breaches and identity theft.”
In the letter dated July 7, the state officials described their ongoing efforts to combat identity theft and pass state data breach legislation and argued that this state-level legislation has resulted in increased transparency and awareness of cyber security threats nationwide. They also emphasized the direct contact their offices have with affected consumers, stating that “the Office of the Illinois Attorney General has helped over 38,000 Illinois residents remove more than $27 million in unauthorized charges from their accounts.” The authors expressed concern that any limitations put in place by the federal government will prevent individual states from responding to constituent concerns and hamper the effectiveness of both data breach laws and state enforcement efforts.
The conclusion read, “Through our work on data breach investigations we understand the complexity of these issues and want to ensure that the progress made at the state level is not lost.” The document was signed by each of the 47 state and territorial attorney generals.