After visiting PrivacyRights.org and seeing the publicly available information about data breaches I think that researcher could use this information a few ways to study data breaches.  The first thing I would suggest is for the researchers to review the data breach reports and the date breach chronology and cross reference the two so that they could determine if there are any patterns that could be found so that some better policy protections could be enacted or at least suggested.  They could then review the data brokers database and see if there are any data brokers that seem to be more vulnerable to a data breach and if so perhaps some best practices could be recommended to those brokers or sanctions if they continued to neglect to follow those suggestions.  Lastly the researchers could review the advocacy section and see if there is any correlation between advocacy and the prevention of data breaches and if there was a correlation for example between stronger advocacy for the consumer and less data breaches then suggestions could be made to any municipalities that did not yet have those laws enacted.