Federal and State Regulatory and Enforcement Landscape
Director of Privacy Education & Policy
California Dept. of Justice, Office of the Attorney General
- How are state and federal regulators coordinating with one another?
- As various agencies are becoming well-versed in security issues, they are looking to bring in their own teams to perform security assessments – how are companies to respond to this from a risk as well as from a cost-benefit analysis, especially if various agencies differ in their findings?
- What type of a data breach are various agencies interested in?
- What are their priorities?
- Are they more interested in preparations, risk assessments, protocols or are they more interested in what companies are doing to solve the problem and provide customers with some solutions?
- What is their stance on credit monitoring?
- Latest on the fines and penalties being assessed by regulators: how many of these fines are being seen these days? What is their size?
- What do regulators want companies to do to prepare?
- What causes them to bring an enforcement action?
- What do companies need to do to potentially avoid regulatory enforcement actions?