Fifteen million dollars, plus regular data-security audits and mandated changes in business practices. That's what ChoicePoint will pay to settle charges it violated consumer privacy rights when it unwittingly sold more than 163,000 customer records to fraudsters. ChoicePoint ushered in our current state of data insecurity, as one of the first companies stung in a big way by having to reveal its mistakes under data-disclosure laws.
The $10 million civil-penalty portion of the fine is the largest single fine in Federal Trade Commission history. In comparison, the state of California last year slapped a division of Kaiser Permanente with a $200,000 penalty for a breach that affected 150 customers, as states stepped up enforcement, too.
State disclosure laws brought these breaches to light, yet they continue. Last week, Ameriprise Financial said unencrypted data, including Social Security numbers of 226,000 customers and employees, was stolen from a laptop. The worker who downloaded the data was fired.
ChoicePoint CEO Derek Smith, in case you were wondering, remains in his job.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.