Sunday, March 19, 2006

Personal data at risk? Quick, call in the lobbyists!

Seems the Laziness Lobby in the US is stronger than the need for personal data protection. At least that's the only logical explanation for what happened in the US House Financial Services Committee last Thursday.

Case in question is a proposal of law that shamelessly waters down disclosure laws requiring companies to disclose security breaches that put personal data at risk (see "Next time you break into our database, could you please leave the Californians alone?". The House Committee voted 48-17 for a law that leaves it up to companies themselves to determine whether a security breach is harmful enough to warrant disclosure. The law would also neutralize existing disclosure laws (currently 11 States have them) that mandate disclosure after any privacy-sensitive data breach.

The irony is that the legislative effort in question was triggered by a serious incident at data broker ChoicePoint in february, 2005, where criminals accessed 160,000 records and robbed 800 of them.

And it's not as if Corporate America has been particularly careful since: security breaches seem to get sillier by the month (see There are morons, there are criminal morons, and there's Deloitte).

No comments: