DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Illinois AG Madigan: Federal data breach law should not weaken states’ consumer protections

Posted on February 5, 2015 by Dissent

 Following what has been termed “The Year of the Data Breach,” Attorney General Lisa Madigan today testified before the U.S. Senate, calling on Congress to enact a strong, meaningful federal data breach notification law that provides greater transparency for data breach victims and regulators to better understand what information was compromised in a breach, how it occurred and whether adequate security measures were in place to protect customer information.

“Congress should seek to pass legislation that ensures notification of breaches that can harm Americans,” Madigan said. “A weak national law that restricts what most state laws have long provided will not meet Americans’ increasing and rightful expectation that they be informed when their information has been stolen.”

Madigan testified earlier today before the Senate’s Subcommittee on Commerce, Science and Transportation in a hearing titled “Getting it Right on Data Breach and Notification Legislation in the 114th Congress.” The epidemic of data breaches has grown over the past decade, now affecting almost every American consumer and inflicting billions of dollars of damage to the U.S. economy. Since 2005, almost 4,500 publicly known breaches have affected over 900 million consumer records. In 2013 alone, Madigan’s office saw a 1,600 percent increase in data breach complaints compared to the year before.

Madigan called on members of the subcommittee to authorize a federal agency to investigate large, sophisticated data breaches, akin to the National Transportation Safety Board’s role in aviation accidents. A single federal entity authorized to investigate data breaches would provide expertise in data security for the country to better protect American consumers.

The Attorney General also testified that a federal data breach law must cover a broad range of sensitive data – not just social security numbers or stolen credit card numbers but also: online login credentials, medical information shared on the internet that is outside the scope of current privacy regulations, biometric data, and geolocation data. Companies must be required to report any data breach involving this type of personal information, Madigan said.

Equally as important as Congress considers a federal data breach notification law, Madigan said, is the ability for state regulators to continue investigating data breaches at the state level. Federal legislation must not preempt the states’ ability to respond and act when data breaches affect residents in their states. Any preemption by Congress must only provide a “floor” for reporting requirements and preserve a state’s ability to use its consumer protection laws to investigate data security practices and enforce federal law.

Attorney General Madigan has launched numerous investigations into whether businesses and health care providers are adequately protecting consumers’ data. She is currently leading investigations into large data breaches reported since 2013 including Target and Neiman Marcus. In 2005, Madigan led the effort to enact a state law to require companies to promptly notify their customers of data breaches to ensure consumers know when their sensitive data has been compromised. The Attorney General also supports her office’s Identity Theft Unit, which staffs a statewide hotline (1-866-999-5630) to provide one-on-one assistance to victims of identity theft and data breaches. The ID Theft Unit has helped reverse over $27 million worth of fraudulent charges on over 37,000 Illinois consumers’ accounts.

For more information, read Attorney General Madigan’s written testimonyfrom the hearing.

SOURCE: Illinois Attorney General Lisa Madigan

Category: Breach Laws

Post navigation

← UK: Theft of laptops containing data about victims of child sexual exploitation ‘covered up’
HK: Inspector faces cop data theft, child porn raps →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Trump Rewrites Cybersecurity Policy in Executive Order
  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit
  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.