top of page

THE ATTORNEY GENERAL PERSPECTIVE

Data Security: An Attorney General’s Perspective


Each state’s Attorney General is the cop on the beat when it comes to data security laws. If you have a reportable incident occur, what do you need to know? Sara Cable, Senior Privacy Counsel at Northeastern University shared some tips with ACSC members.


Understand That State Regulators Talk to Each Other


Cable, the former Chief of Data Privacy and Security for the Massachusetts Attorney General’s Office, says that state regulators talk to each other, well, regularly. There’s ongoing dialogue and collaboration through calls and emails.

AG offices are limited in their ability to investigate the litany of data breaches and incidents, but they will certainly prioritize cases where there is negligence, a recurring pattern, or broad implications for the public – where an AG can make a difference for consumers or the general public.


Know That Regulators Won’t Always Be on the Same Page


Data security has been a broadly bipartisan issue with some states putting forward more business friendly regulations while others have focused on strong consumer protections. Most states are still broadly aligned, but Cable says this may be shifting. Especially as the political sides disagree on the major challenges social media companies present, and what potential solutions might be.


The Pros and Cons of Setting Standards


Going forward, Cable says the state Attorney Generals are sharing notes and experiences. She notes there’s an understanding on the staff level that uniform standards are useful because everyone wants to act from the same baseline regarding what is reasonable security. But setting generally accepted principles has its pros and cons.

Cable shares the concern that if a standard is set too low, it can lead to a race to the bottom. But she feels it’s a matter of fairness and good common sense that everyone should understand what targets they should be shooting for and how to shoot that target.


The ACSC thanks Sara Cable for her time and sharing her perspective with our members.


Want to be a part of these meetings in the future? Contact Jim Dinneen at jdinneed@acscenter.org to learn how your organization can become a member.

Comentarios


The Advanced Cyber Security Center (ACSC)

at Northeastern University Innovation Campus

info@acscenter.org  |  (617) 485-1112

©2023 by ACSC

bottom of page