Ryan Jones Blog – dotCULT.com Ryan Jones Blogs About Internet Culture, Marketing, SEO, & Social Media

April 23, 2007

Personal Data Loss Regulations?

Filed under: Main — Ryan Jones @ 1:19 pm

A law firm is asking what we’d like to see in draft legislation about identity theft.

The basis is that companies aren’t doing enough to help victims after their data is lost/stolen/compromised.

Here’s a few of my suggestions:

1. Stop storing information you don’t need. If you don’t automatically bill my credit card number, don’t store it.

2. Encrypt all that data you DO store. There’s no reason my SSN should ever be stored in plain text anywhere.

3. Stop storing my SSN on laptops. If you’re a US veteran, there’s probably 2-3000 laptops out there with all of your personal information on them. Laptops are easily lost or stolen and there’s no reason anybody needs to take my information home with them every night.

4. Make massive fines for data loss. I’m talking a 2nd occurrence should cause any company (including even a Google or Microsoft) to go bankrupt. There’s no reason for a first occurrence to even happen but without stiff penalties companies just don’t care.

5. Require companies send letters in the mail to anybody whose data may have been compromised and offer free credit monitoring for 1 year to all those possibly affected.

I myself had had my SSN and personal information stolen from an advertising company I once used (RMX Direct) and it can be a scary process. Sadly, there’s really nothing you can do once it’s happened. Cops don’t prosecute, nobody looks into it or helps you – you’re on your own.

What’s your take?

1 Comment

  1. There needs to be more done on the part of the people who are enforcing identity theft laws ie the cops and people who look into it. I’m baffled every time I see or read another story where someone has had their identity stolen and the banks, credit bureau, and law enforcement are doing nothing to help them repair the damage but instead still making them pay for it for years down the road.

    I think your idea of imposing heavier fines is great and to help counter that, companies should invest even more heavily into online security and identity theft prevention personnel. Makes sense as the world becomes more and more immersed in web 2.0 right?

    Comment by Adam — April 26, 2007 @ 3:23 pm

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress