Skip to content

Breach disclosures: negatives unproven

July 31, 2013

I think it’s fair to generalize that most people have become somewhat numbed to the ongoing flow of data breach disclosures, as are nicely tabulated by the Identity Theft Resource Center, and/or have just remained oblivious to them.  I think it’s a Good Thing for data holders to be accountable for disclosure reporting, both as a measure of protection for the individuals impacted and as a public disincentive for ineffective practices.  That said, though, I always wonder how many other breaches occur but go undetected or unreported.  The fact of “lost” data can be tricky to detect, since it’s a type of good that can often be copied without being removed from its original source, and that doesn’t stand out thereafter as missing from that source. If I’m understandably concerned about the safety of my information, the fact that a particular data holder may have had a past breach doesn’t speak directly about the safety of its current practices; in fact, a past disclosure could well have served as a “wake-up call” motivating improved safeguards. On the other hand, a holder’s absence from a disclosure list doesn’t prove that no data has been or could later be breached from that holder.

From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: