ms. weinman with you. and the question would be what would you perceive in terms of how the dead canline should be established -- deadline should be established or the criteria for what would be a reasonable response and your view on whether an arbitrary deadline is something that would be, should be included in a data breach notification. >> thank you. i think an arbitrary deadline a specific time frame is not useful in that it sets an objective standard. each data breach incident is different. each incident requires special consideration to address vulnerabilities, cooperate with law enforcement. some breaches will require cooperating with many different types of law enforcement. so i don't think a specific day deadline is useful. that being said, a number of the states have deadlines that do not involve specific days, and i think that is the right approach to give sufficient flexibility. >> is there any is there any sort of -yard lines you'd look at -- guidelines you'd look at to determine whether a res

ms. weinman. the question would be, what would you perceive, in terms of how a deadline to be established or criteria for what would be a reasonable response, and your view on whether an arbitrary deadline is something that should be included in a data breach notification. >> thank you. i think an arbitrary deadline, a specific time frame, is not useful in that it sets an objective standard. each data breach incident is different. each incident requires special consideration to address boehner abilities. cooperate with law enforcement. cooperating with different types of law enforcement. i do not think a specific deadline is useful. that being said, a number of states have deadlines that do not involve specific days. i think that is the right approach to give sufficient fox ability -- flexibility. >> are there any guidelines you would look like as to whether or not a response was appropriate? if a guideline becomes an appropriate timeframe, what would be a triggering factor of whether the response