Business Intelligence Network Business Intelligence Resources

Blog: Claudia Imhoff

« Five Dysfunctions of a Team - How to Tell When You or Your Team is in Trouble | Main | "Sea Change" at Microsoft? »

Protecting Your Personal Data - Not?

I usually don't like to blog about the political wranglings that occur in our esteemed nation's capital but this one caught my eye -- mostly because it will have a significant effect on BI technologies as well as all of us personally.

Yesterday, House Democrats and Republicans got into a royal fight over how best to protect consumers' personal data, as they moved legislation to reduce identity theft and fraud onto a fast track in Congress. What does this really mean?

A subcommittee of the House Energy and Commerce Committee approved a bill that requires information brokers to submit plans for safeguarding private data to the FTC for monitoring and review.

The proposed legislation would require notification of consumers when "certain" breaches of data occur. It would also force brokers to submit to security audits if their databases are compromised.

Note the quote marks.

They are the cause of the dust up in the subcommittee. Democrats claim that the bill is filled with loopholes and would leave us poor consumers less protected than we are now. Under the bill, data brokers and companies that store our consumer data would have to notify us that our data was breached only when it was determined that a significant risk of identity theft or other fraud might result.

And who would make the decision of "significant risk"? Why, the company whose data was breached, of course. Don't know about you but that leaves me less than warm and fuzzy inside.

Just in this year, many millions of consumers have been notified of serious breaches at information brokers such as ChoicePoint Inc. and LexisNexis, financial institutions, government agencies, universities, online retailers and other firms. California and New York have already proposed laws that are much more proactive than the Federal bill.

However, "No notices would have gone out under the standard put forth in this bill." said Rep. Janice Schakowsky (D-Ill).

The data brokers, direct marketers, financial institutions and large technology companies supported the proposed bill. They argue that data thieves and hackers cannot always use the data they might gain access to. I would have to say that I certainly don't want to receive a barrage of notices every time a breach occurs (I certainly hope they do not occur that often, as well) but I also don't want to be kept in the dark.

Seems like there ought to be a more impartial way to make the determination of whether a consumer should be notified or not. What if the company is wrong in its assessment of the danger?

There is still time for a compromise before this bill is voted upon. Let your Representative know how you feel - either way.

Yours in BI success,

Claudia


  Posted by Claudia Imhoff on November 4, 2005 3:08 PM |

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)