Monday, May 02, 2005

The Cost of Securing the People's Privacy

Computerworld is a fecund source of privacy commentary. This week, C.J. Kelley thinks about the costs and potential liabilites of privacy regulation. The author includes the following scenario to illustrate the potential impact of a privacy breach upon an individual:

The Cost of Securing the People's Privacy - Computerworld:

"... Here's a nightmare scenario: Two years later, you are buying a home. You have already sold your old house and moved into temporary housing, since you have every reason to believe that the purchase of the new home will go through without a hitch. In the middle of the back-and-forth with the loan officer over interest rates, he calls and tells you that your loan has been turned down because of an overwhelming number of extremely negative items on your credit report. You're stunned. You may not have perfect credit, but it certainly qualifies for the best interest rates. The loan officer provides copies of your credit report to you, and you see that it's filled with items that you don't recognize, including locations you have never lived in or visited. Your credit score is in the proverbial toilet. How could this have happened? Without your knowledge, ever since that DMV security breach, someone else has been using your Social Security number and identity and has basically ruined your life...."

The rest of the article is a good read, too.

1 comment:

Chad Nantais said...

This author's use of the Open Systems Interconnect (OSI) layers to focus on different areas of vulnerability is a simple yet useful way of seeing all that needs to be secured.

However, we must not forget to weigh the cost of securing the people's privacy against the cost of not securing the people's privacy. While it is often hard to quantify the loss potential of a privacy breach, this exercise is key to an effective risk management strategy because it tells us to what degree we should safeguard against, assign, or accept different risks.