Clamoring voices are contending for the right to protect your personally identifiable information. Almost every state has enacted laws requiring that notification be sent to individuals affected by a data breach, and state attorneys general are jealously guarding their ability to go after retailers, financial institutions, health care providers, cloud storage services and others with individual data when breaches occur. But President Obama and the Federal Trade Commission want to provide a uniform National Data Breach Notification Standard, and the affected industries are vigorously supporting the passage of a uniform law to synthesize the dizzying array of state standards that they face when a breach occurs.

The result is the latest chapter in a debate as old as our nation, and what better reference do we have to consult but the Federalist Papers? In them, Alexander Hamilton (along with James Madison and John Jay) addressed the powers of the federal government, their effects on state authority, and the early consideration of when a field of regulation warrants the oversight of the federal government. Their observations demonstrate that, where a matter has a national effect, our entire system of government is designed to empower the federal government to provide consistent regulation. And so it should be with data breach regulations.

As is often the case, and in this particular instance, the commerce clause of the U.S. Constitution provides authority for the federal oversight of issues of national concern. As was noted by Hamilton in Federalist No. 33, in the necessary and proper clause, the constitution then “authorizes the national legislature 'to make all laws which shall be necessary and proper for carrying into execution the powers by that constitution vested in the government of the United States, or in any department or officer thereof.'” Madison noted in Federalist 44 that, “without the substance of this power, the whole constitution would be a dead letter.”