Data Security Breaches Will Lead To Costly Boondoggles
Their lame attention to the swelling data disconnect that exploded into a half-dozen high-profile security breaches and privacy gaffes just this past week opens the door to the boondoggle of regulatory investigations, rule-making and class-action lawsuits.
Rep. Ed Markey (D-Mass.), Rep. Bobby Rush (D-Ill.), Sen. Al Franken (D-DC) and Rep. Jay Inslee (D-Wash.) are among the legislators proposing tighter protections, while the Federal Trade Commission says it will examine companies' data missteps.
There are no guarantees that consumers will be any better off at the end of this tedious, costly process than they are now, and that more serious compromise of their personal information will not occur in the interim.
On many fronts, it might just be too late to reverse the damage. Unless the holding companies of the entities involved are held liable for the loss or misuse of consumers' personal and financial data (from credit card to social security numbers), it will continue at other unacceptable levels. As it now stands, only consumers -- not companies -- have everything to lose from their online engagement.
"Unauthorized persons" obtained more than 60 million user names, addresses, email addresses and credit card information when they hacked into Sony's PlayStation Network. While it could cost credit lenders an estimated $300 million to replace the comprised cards, victimized consumers will be subject to identity theft and months -- if not years -- of trying to set things right.
It is just the latest in a steady stream of personal data and privacy hackings that have extended from AT&T iPad users to corporate email handler Epsilon and even computer security companies such as RSA.
But America's data dysfunction does not stop there.
Matters were compounded last week when researchers revealed that Apple has been collecting location and other data from users' iPhones and iPads for more than a year, which Apple CEO Steve Jobs attributed to "a programming error." Google immediately conceded to collecting similar data about its Android phone users, prompting Microsoft to half-heartedly admit the same.
Consumers are deluding themselves if they think that such tracking files and data logs are unique or will not continue to proliferate relatively unsecured. Welcome to the new digital norm.
Adding insult to injury last week, Amazon's well-established EC2 cloud computing service crashed, losing and destroying critically important data stored for corporate clients. Clearly, backups for our exploding fascination with cloud storage are inadequate to protect data, the loss of which could be as devastating for companies as for individuals.
The sad truth is that as the digital world moves swiftly toward micropayment and mobile connected e-transactions, the players in charge need to get this right -- for security and economic reasons.
Advertising and marketing are being redefined as transactional relationships with affinity consumers. Yet about 64% of smartphone owners recently surveyed by TRUSTe and Harris Interactive say they are most concerned about privacy and security when using mobile apps, according to eMarketer.
Television networks still sell billions of exposures to advertisers based on broad, viewing estimates. Drawing broad conclusions about small-screen connections with specific demographic groups based on a smattering of in-home diaries was bad enough. Continuing the practice in an age of precise individual connections (whether companies want to admit it) is a travesty that will be toppled over time. Marketers are demanding certifiable data that will be available only if consumers believe their personal information is secure.
Playing fast and loose with data, however and wherever it occurs, makes it easier for many corporate players to assume a nonchalant mind-set about any issue related to the security of information. Collecting and storing users' location data to facilitate GPS satellite service (as Apple argues) is one thing; having such data available for other purposes not being addressed is quite another.
Telecom companies still can't protect us from pesky solicitors, despite the creation of an official no-call registry.
Credit scoring agencies and health insurers know more about you that they are willing to reveal but are always ready to use to deny individuals goods, services and jobs. The algorithms and sophisticated data mining and application used by giants Google, Apple and Amazon are beyond most consumers' comprehension. The combination of what companies would rather not disclose and what consumers would rather not know has brought us to a dangerous juncture in the digital revolution.
The bottom line is that data in all forms will be both a liability and an advantage of the digital age. Learning as we go is riskiest for consumers, upon whom businesses must depend for their digital fortunes. Jeopardizing that delicate balance this early in the game would be a mistake of irreversible proportions -- not only to consumer-based media-driven companies, but to the country.
The FBI recently warned that the lack of security and proper regard for data contributes to America's overall vulnerability in the digital age. "The cyber threat can be an existential threat -- meaning it can challenge our country's very existence, or significantly alter our nation's potential," said Steven Chabinsky, deputy assistant director of the FBI's cyber division.
White-collar criminals and hackers, believing they will never be caught or prosecuted, are increasingly involved in stealing private-sector data, intellectual property and state secrets, "undermining the stability of our government by weakening our economic or military supremacy," Chabinsky added.
Imagine what they are doing to you.