« Threat Protection for Web Services - XML | Main | Beware the iPod? »

The identity theft of 26 million U.S. veterans and spouses has sparked debate and numerous investigative meetings. That significant data breach will cost us taxpayers over $100M to notify the affected parties and offer credit protection against potential abuses.

You might be thinking that this compromise of privacy information is a rare occurance or a red herring but in fact, this is merely the latest and best publicized incident in recent history. To get a better view into the number and frequency of compromises look at the record and chronology of these events at http://www.privacyrights.org/ar/ChronDataBreaches.htm

Furthermore at the time of writing, the www.privacyrights.org hadn't yet updated to include this latest faux pas.

http://www.cio-today.com/story.xhtml?story_id=111003TREALO

When will organizations get serious about security? Who knows? Unfortunately, it often requires unfortunate incidents like the Veteran's Administration debacle to spur change. I'm not usually in favor of legislating our way to security but laws like California's SB 1386 legislation need to become nationally adopted. SB 1386 holds companies legally and financially responsible for communicating to customers should information held or stored about any California resident be violated. It's created the necessary incentive for at least some organizations to take seriously the stewardship of privacy data.

Meanwhile companies need be responsible to act before they get acted upon.

Posted by andreyee in Privacy/Information Theft |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/405

Posted by: Charles Nicholls @ www.seewhy.com at June 27, 2006 11:35 AM