Privacy Lawyers: State AGs Will Continue Aggressive Enforcement of Data Security in 2025
Pursuing data security claims against companies was "top-of-mind" for state attorneys general in 2024 and this will probably continue through the year, Morrison Foerster partners Linda Clark and Kathryn Taylor blogged Friday.
Sign up for a free preview to unlock the rest of this article
“Even with the upcoming change in administration in the United States, we anticipate this trend in enforcement priorities will continue, with an additional focus on data related to new technologies (such as brain wave data captured from a consumer headset) and data that could be used to further some State AGs’ agendas (such as geolocation data that could be used to indicate an individual received reproductive healthcare),” the lawyers wrote. They noted the AGs were particularly vigilant with companies "they believed ... had failed to heed warnings about exploitable vulnerabilities."
Accordingly, Clark and Taylor recommend that organizations “go back to the basics” and ensure they're addressing current and potential threats. Action items include ensuring data minimization, performing risk assessments and confirming data inventories are up-to-date, they added.