[Dataloss] Data breach notification survey

TSG tglassey at earthlink.net
Thu Jun 12 16:52:17 UTC 2008


I agree... but the government and Congress will never do this. The only way 
to make it work is to sue over copyright issues to the information itself. 
Creating a virtual trademark per se, that is composed of the personal 
information might work for this.

Todd Glassey

----- Original Message ----- 
From: "Edward White" <ewhite at avrenter.com>
To: "Henry Brown" <hbrown at knology.net>
Cc: <dataloss at attrition.org>
Sent: Thursday, June 12, 2008 9:15 AM
Subject: Re: [Dataloss] Data breach notification survey


> Here is a novel idea:
> 1) Companies should not be able to buy and sell personal information.
>
> 2) Companies, mainly retailers, should not be able to keep information
> swiped via a credit card or any other card past the time of payment
>
> 3) If Companies are required to keep any personal data for any reason
> and for any amount of time; they should be required to protect the data
> with encryption
>
> If the companies violate any of these points the CEO, CFO and CIO should
> have to go to jail for 90 days.  There should be a time period of 6
> months to complete the protection.  After the first set of executives
> goes to jail for 90 days most of the companies will be compliant very
> quickly.  If you do not have the data, you can not lose it; if you
> protect the data it can't be used.  This should knock out most of the
> problems and guess what the companies will not have the liability issue
> :)
>
> -----Original Message-----
> From: dataloss-bounces at attrition.org
> [mailto:dataloss-bounces at attrition.org] On Behalf Of Henry Brown
> Sent: Thursday, June 12, 2008 12:04 PM
> To: dataloss at attrition.org
> Subject: [Dataloss] Data breach notification survey
>
> From clearswift.com press release
> http://www.clearswift.com/news/item.aspx?ID=1465
>
> [...]
> Results highlights:
>
> 78% of IT decision-makers don't believe the general public should be
> informed if a data breach occurs;
> 54% of U.S. IT decision-makers are unaware of data breach disclosure
> laws;
> 53% are in favor of legislation that would force companies to publicly
> declare a data breach if it occurred;
> 38% are in favour of legislation that would make negligent loss of
> personal information a criminal offence;
> 19% of companies have suffered a data loss in the last 12-18 months; 50%
> more than once;
> 38% of IT managers have seen their annual IT spends increased by as much
> as 10% since data breach notification legislation were introduced.
>
> [...]
>
> While respondents felt the general public did not need to know (78%),
> they did indicate that affected customers and partners should be
> informed (95%) while less than half of them felt that industry
> regulators (42%) or even the police (35%) should be notified.
>
> [...]
>
> All the above figures, unless otherwise stated are from Clearswift.
> Total sample size was 3 340 US IT decision makers. Fieldwork was
> undertaken between March 10 and April 10, 2008. The survey was completed
> online.
>
> [...]
>
>
>
>
> _______________________________________________
> Dataloss Mailing List (dataloss at attrition.org)
> http://attrition.org/dataloss
>
> Tenable Network Security offers data leakage and compliance monitoring
> solutions for large and small networks. Scan your network and monitor your
> traffic to find the data needing protection before it leaks out!
> http://www.tenablesecurity.com/products/compliance.shtml
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 3181 (20080612) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com


