(The Center Square) – Indiana would become the first state to use government regulations to protect consumers from cyberattacks if a rule proposed by Attorney General Curtis Hill gets implemented.
During a virtual event Thursday with the U.S. Chamber of Commerce that included cybersecurity experts, Hill talked about his plan to establish a rule in Indiana that he says will protect Hoosiers from cyberattacks, the fastest-growing type of crime in the United States.
“Hoosiers’ data is at risk because some businesses do not take proactive measures to protect themselves and the consumers they serve from cyberattackers, and some simply do not know what precautions they need to take,” Hill said. “Our safe harbor rule would both protect Hoosiers from data breaches and incentivize businesses that take steps to prevent them from happening in the first place.”
Hill said the rule would protect and encourage continued investment by companies that have already taken precautions, while clarifying expectations to all companies that maintain the date of the people of Indiana.
“We need a way to separate the businesses that are taking important steps to secure data from those who are not,” Hill said. “This rule would provide businesses a playbook on how to protect data and would protect those businesses that follow the playbook. It’s a win for both consumers and businesses.”
Aleix Cocco, a privacy, data security and consumer class-action defense lawyer, said the proposed rule will allow businesses to direct resources toward compliance with the rule, rather than to the costs of a class-action lawsuit that could follow a data breach.
If approved, Hill expects the proposed rule to take effect by the end of the year.