There are numerous lessons to be learned from 2005, a year when more than 75 reported data security breaches at some of the nation’s largest financial companies, including Citigroup and Bank of America, as well as at other data collectors, have threatened the privacy and financial security of over 50 million Americans (see Appendix 1 for a list of breaches compiled by Privacy Rights Clearinghouse). -- We wouldn’t even know about these data security breaches if it weren’t for the pioneering efforts of California, which enacted the nation’s first security breach notice law in 2003. Pressure from other state attorneys general forced Choicepoint, then others, to comply with
California’s law nationwide. In 2005 alone, at least 20 more states have enacted similar breach notice laws (and one more expected to be signed), demonstrating that the states have the capacity to respond quickly to privacy problems and deserve to retain that authority.
For more of this testimony click here. PDF Format