Language Selection

English French German Italian Portuguese Spanish

Burden is on us to protect our data

Filed under
Security

If you had to guess, how many companies would you say have enough of your personal data stored in various databases to make even a rookie crook ready for prime-time conning?

Ten, perhaps? What about 50, 100 or 1,000?

You probably don't know the answer, and that is exactly the problem.

In the past six months, the personal data of millions of consumers have been lost, stolen or sold to identity thieves. The most recent case involved a financial unit of Citigroup Inc. CitiFinancial, which provides a wide variety of consumer loan products, disclosed that personal information (Social Security numbers, loan account data and addresses) of 3.9 million of its customers was lost by UPS in transit to a credit bureau. So far CitiFinancial said it had no reason to believe that the information has been used inappropriately.

So far.

Every time we hear of one of these cases, the companies involved tell their customers not to worry. Trust us, they say. They pledge to enhance their security procedures.

The promises don't make me feel any safer about my personal data. How about you?

It's time for the federal government and the states to step in and make sure the companies fulfill those promises.

There have been some efforts to protect people's financial information. On June 1, a new federal rule took effect that requires businesses and individuals to destroy sensitive information derived from consumer credit reports.

I was initially encouraged when I heard about this rule. It seems to cover all the bases -- individuals, and both large and small organizations that use consumer reports, including consumer reporting companies, lenders, insurers, employers, landlords, government agencies, mortgage brokers, car dealers, attorneys, private investigators, debt collectors and people who pull consumer reports on prospective home employees, such as nannies or contractors.

There's just one little problem with this "Disposal Rule." There is no standard for how the documents have to be destroyed. Here's the direction the Federal Trade Commission is giving to businesses and individuals: "The proper disposal of information derived from a consumer report is flexible and allows the organizations and individuals covered by the rule to determine what measures are reasonable based on the sensitivity of the information, the costs and benefits of different disposal methods, and changes in technology."

How strong is a standard if it has no standard? Basically, those who have our information get to decide how and when it is to be destroyed.

"The burden is completely on the consumer to protect what is important," said Evan Hendricks, editor and publisher of the newsletter, Privacy Times.

Full Article.

More in Tux Machines

2014: A Banner Year for Open Source

Open source was initially adopted for low cost and lack of vendor lock-in, but customers have found that it also results in better innovation and more flexibility. Now it is pervasive, and it is challenging proprietary incumbents across technology categories. It is not only mainstream, open source is truly leading innovation in areas like cloud, mobile, big data, the Internet of Things, and beyond. As we embark on a new year, I cannot help but reflect on the speed with which technology is changing. Rapidly delivering technology is about much more than just the technology – it is about people and culture. More than ever, this is why executives are looking at key technology companies – including Red Hat – as their partner instead of as a vendor. Read more

IsoHunt releases roll-your-own Pirate Bay

Open Source Meritocracy Is More Than a Joke

In January 2014, Github removed the rug in its office's waiting room in response to criticism of its slogan, "United Meritocracy of Github." Since then, the criticism of the idea of meritocracy has spread in free software circles. "Meritocracy is a joke," has become a slogan seen on T-shirts and constantly proclaimed, especially by feminists. Such commentary is true — so far as it goes, but it ignores the potential benefits of meritocracy as an ethos. Anyone who bothers to look can see that meritocracy is more of an ideal than a standard practice in free software. The idea that people should be valued for their contributions may seem to be a way to promote fairness, but the practice is frequently more complicated. Read more Also: Unmanagement and unleadership

Linux Kernel Developers Consider Live Kernel Patching Solution

kPatch and kGraph may soon enable live kernel updates on all Linux distributions, making it possible to apply security and other patches on the open source operating system without rebooting. Read more