As you probably know, there aren't a lot of guarantees in life. But I have a few that I thought I'd share. If there are a zillion smart, innovative, and responsible uses for a technology, there are half as many stupid people who will abuse it (think child porn, software viruses, identity theft). If there are many responsible companies with smart privacy policies, there will be many others that are too lax about theirs. If people abuse technology for illegal or harmful purposes, they probably won't get the punishment they deserve (this is a probability, not a guarantee, but I fear if the trend doesn't change quickly, it will become a guarantee).
Let's start with ChoicePoint. Its privacy statement says it's "dedicated to protecting the privacy of individuals," which includes "strict standards regarding the use and dissemination of personal information." That sounds good. But somehow, identity thieves were able to set up 50 fake businesses and gain access to 145,000 customer data profiles. California law required the company to alert consumers about a potential breach, which is exactly the right thing to do. But it has opened up debate over whether laws in other states need to be more stringent. Regardless of what you think about that, here's what irks me: A company spokesman said, "We're being much more stringent in our requirements about who customers are and making them prove they're a legitimate business." Now, if you're dishing out personal information about consumers, wouldn't you think that providing it only to legitimate businesses would be top of mind? Wouldn't you seek that proof? Wouldn't you verify it?
Here's something that irks me even more. One of the participants in the scheme was sentenced to a measly 16 months in prison. It could take years for people whose identities have been stolen to clean up their financial records, and this guy gets less than a year and a half? "Surely this must be some kind of a joke," wrote reader Mike McCreery. "Shame on us as a society for allowing these people to steal this amount of personal data and then just give them a little slap on the wrist. Where is the justice when it comes to IT crimes?"
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.