Michael Gracie

“if you are not doing anything wrong, then you have nothing to worry about” is more straw-man reasoning made by political types (as if they had any other type of debate skills) when there is no other reason for putting cameras [in your home].

Bruce Schneier says privacy is “an inherent human right,” and moves to argue the point quite effectively.

Unfortunately, in a world where access is perceived as power, and responsibility for data maintenance is left unthanked, there is always going to be someone willing to cough up a record, for a buck or a future favor.

If you are in the business of providing computer security tools and you get hacked, you better start praying your customers are the empathetic type. Find out about it several weeks after the fact, and you should start thinking about a new line of work.

There is no doubt that a lot of the holiday gifts rolling off the shelves about now are going to be the newfangled electronic kind. And some of the recipients are just going to plug those “gizmos” in and go. That flat screen TV, the new mini-stereo and the remote controlled blender are probably immune to the need for reading directions - that new PC (and a bunch of other storage devices, phones, and the like) may not be. It is not just about connecting that shiny new machine to the net, and getting infected with some virus, malware, or other computing malignancy inside of the first 20 minutes it is on - it is about data security as well. All those pictures and music you upload are valuable content - you have to protect it. The address book in your cell phone even more so.

So in the grand scheme of staying safe this holiday season, here are a few tips worth following.

Privacy advocates don’t like personal data warehouse businesses (like credit reporting agencies) to begin with. I believe that if it was up to them, there would be no data, and of course our consumer spending-based economy would grind to a halt. But the companies in question have fallen victim to a lot of data theft as of late (think Choicepoint, Bank of America), and the hows and whens of notifying the end consumer who is the subject of all that data is rearing its ugly head again.

I think quick notification must be the protocol, but I do not think that we need consumers running around suing companies for their ID theft - the two just don’t fit together. The average consumer barely knows what data is actually gathered on them to begin with. If you notify them of a breach, they are going to start suing for ridiculous sums, even if no damage is done. And, as things go with lawsuits, the only ones who stand to benefit are the attorneys in the middle.

Let legislate this issue straight, with some simple, common sense protocols which put the onus of notification and reparation on the data reporting agency, but not lock them down so far that consumer data can’t flow easily enough for me to get that Mercedes lease (not).

There has been a rash of press lately on data theft, its relation to spam and phishing, and its implications for ecommerce. But was hasn’t been analyzed very thoroughly is the source of these incidents. The general consensus always seems to be it is some internet scammers fault.
Read more »