The Weekly Breach Breakdown Podcast by ITRC - Moving Forward Together - S6E15

Show Transcript

Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for May 16, 2025. I'm Alex Achten, Senior Director of Communications & Media Relations of the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we look at the most recent events and trends related to data security and privacy. Today, we will analyze the newly formed data privacy consortium. 

Henry Ford once said, “If everyone is moving forward together, then success takes care of itself.” The quote emphasizes the importance of teamwork and collective effort in achieving desired outcomes. Eight state regulators are taking that approach regarding privacy issues and a potential shift toward coordinated enforcement.  

Last month, the California Privacy Protection Agency (CPPA) issued a news release announcing that eight different state privacy regulators joined forces to form the Consortium of Privacy Regulators, a bipartisan coalition aimed at coordinating enforcement and protecting consumer privacy through collaboration. The Consortium of Privacy Regulators includes the CPPA and the attorneys general of California, Colorado, Connecticut, Delaware, Indiana, New Jersey and Oregon.  

The CPPA says that the regulators in the data privacy consortium have entered into a memorandum of understanding outlining the group's goals, including facilitating discussions of privacy law developments and shared priorities, with a focus on consumer protection across jurisdictions. The participating regulators established the Consortium of Privacy Regulators to share expertise and resources, as well as coordinate efforts to investigate potential violations of applicable laws.  

This data privacy consortium partnership is an effort by leaders to increase consumer rights to access, correct, delete and opt out of the sale of their personal data. What does this mean for businesses? According to the law firm Skadden, Arps, Slate, Meagher & Flom LLP, businesses can expect: 

• Greater multi-state coordination in investigations and enforcement actions. 
• More unified interpretations of overlapping privacy rights, such as access, deletion and opt-out. 
• A higher premium on early, open engagement with regulators. 
• Increased resource-sharing among states, including technical experts and legal personnel. 

“We've seen firsthand how misuse of data can harm Californians, whether it's information about their health, location, kids, identity and more,” said Michael Macko, the Agency's head of enforcement. “We're proud to collaborate with states across the country to advance consistent, streamlined enforcement of privacy protections to address real-world privacy harms. The Consortium reflects this shared commitment – now and for the future.” 

The CPPA says that, while each state has its own law, all data privacy consortium members share certain fundamental features to protect privacy, with the rights to access, delete and stop the sale of personal information, and similar obligations on businesses. Those similarities allow for like-minded applications across jurisdictions and enable the Consortium to work together to promote the privacy rights of people like you and me.  

These are eight leaders following Henry Ford's words and coming together to achieve their desired outcomes: ”If everyone is moving forward together, then success takes care of itself.”  

If you want to know more about how to protect your business or personal information or think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, via text message, chat live on the web, or exchange emails during our normal business hours (6 a.m.-5 p.m. PT). Just visit www.idtheftcenter.org to get started. 

Thanks again to Sentilink for their support of the ITRC and this podcast. Please hit the like button for this episode and subscribe wherever you listen to your podcasts. We will return next week with another episode of the Weekly Breach Breakdown. I'm Alex Achten. Until then, thanks for listening.