A panel at a meeting of the National Association of Attorneys General highlighted data breaches and privacy in the context of new technology, signalling that state regulators are focused on consumer protection in this area.

The panel at the Southern Regional Meeting in Charlottesville on April 4 was devoted to emerging technologies, privacy concerns, and how attorneys general should respond. The panel featured senior enforcement officials from the Texas, Virginia, and South Carolina attorneys general offices. Representatives of attorneys general offices in nine attended the discussion, including the attorneys general of the District of Columbia, Mississippi, New Jersey, Tennessee, and Virginia. Virginia Attorney General Mark Herring moderated the panel.

Common themes on the panel included data breach and data use, as well as how attorneys general may use state unfair and deceptive acts and practices (“UDAP”) laws to regulate not only practices expressly mentioned in state laws, but also privacy practices that are broadly unfair or deceptive. New trends that the panelists identified as emerging consumer privacy exposures included connective devices, self-driving cars, and “always-on technology.”

The panel continues the trend of state attorneys general focusing on privacy and consumer protection. While federal privacy enforcement may currently be in flux, especially with the status of Federal Trade Commission leadership undetermined, states will step in as strong regulators – and businesses must be ready for it.