Much as Justice Louis Brandeis imagined states as laboratories of the law, offices of state attorneys general have been laboratories of privacy enforcement. State attorneys general have been nimble privacy enforcers whereas federal agencies have been more constrained by politics. Local knowledge, specialization, multistate coordination, and broad legal authority have allowed AG offices to fill in gaps in the law. State attorneys general have established baseline fair-information protections and expanded the frontiers of privacy law to cover sexual intimacy and youth. Their efforts have reinforced and strengthened federal norms, further harmonizing certain aspects of privacy and data security policy.

Although certain systemic practices enhance AG privacy policymaking, others blunt its impact, including an overreliance on weak informal agreements and a reluctance to issue closing letters identifying data practices that comply with the law. This Article offers ways state attorneys general can function more effectively through informal and formal proceedings. It addresses concerns about the potential pile-up of enforcement activity, federal preemption, capture, and the dormant Commerce Clause. It urges state enforcers to act more boldly in the face of certain shadowy data practices.



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.