For whichever U.S. state you are currently residing in, research its breach notification law. Note that some states do not label it as such, but all 50 states have some form of legislation that mandates an organizations responsibilities when a data breach affects the states citizens private, protected information.
Some research resources to consider include your textbook, of course; the UC Library, particularly via the Nexis Uni database; the states governmental websites; the state bar associations (legal profession) website; Cornell Universitys legal website; etc. Describe your states law including at least these considerations:
What types of organizations or individuals does it apply to?
Is it limited to only those organizations or individuals who reside or exist in that state, or might it affect external interests?
How does the law define or describe the information that it protects, by both name and description?
What exemptions, if any, exist?
What are the penalties for violating the law?
In your opinion, is it effective? Good law? Needing updating? What other critiques or opinions do you have about it?
Anything else that you think your classmates would benefit from.
