The International Association of Privacy Professionals recently conducted an interview with Connecticut Attorney General George Jepsen. General Jespen has been considered a leader among the State Attorneys General in the area of privacy, and Connecticut is considered one of the most active states in privacy policy and legal enforcement actions related to privacy issues. In 2011, Connecticut was among the first states to create a special privacy unit within its attorney general’s office. Within the last two years, General Jepsen has advocated for an amendment to Connecticut’s breach notification law that required notice of breaches to be made directly to his office, and his office has lead several major multistate investigations related to privacy.
During his interview with the IAPP, General Jepsen explained that the current area of focus for his Office’s Privacy Task Force has been “one, to proactively promote the protection of personal data and information and two, to investigate any breaches of that information in violation of federal and state laws that require protection of that data or other violations of privacy.”
General Jepson also expounded upon the multistate investigation process related to privacy issues, explaining that his office maintains very good working relationships with other state attorney general offices, resulting in a more efficient and effective investigation. When working with state attorneys general, General Jepsen advised businesses that they should be “as honest and open as possible.” He explained that when he writes to a business, “you can rest assured they are sincere concerns. In those instances, I really am interested in learning either why I should not be concerned or what we can do to address concerns that prove to be well-founded.”
Finally, in the area of state/federal collaboration, he noted that his “office has a very good working relationship with the FTC, having recently joined with it to file two lawsuits in Connecticut,” and that he is “open to broader federal/state coordination of efforts.” He concluded by stating that “States and the federal government should be regarded as partners, complementing each others’ resources to advance the shared goal of privacy protection.”