Legal Issues

by Carlo Longino

Why Bother With Data Protection?

from the thanks-for-the-help dept

We've pointed out in our coverage of companies' data leaks that there's little incentive for them to spend much time or many resources on data protection, since the repercussions and costs of leaks are minimal. An interesting piece from Security Focus has taken a closer look at a case in which a person sued their student loan company after their information -- along with 550,000 other people's -- was leaked when a contractor's laptop was stolen. The court ruled in favor of the loan company, with the decision resting on whether or not the company had taken "reasonable" precautions to protect data. It's a totally subjective standard that's superficially imposed. As the article points out, the court said that the company had security policies and "safeguards" in place, but never actually examined whether or not they were effective, enforced or proper. Apparently the mere existence of some type of policy -- regardless of what that policy actually is -- is now enough for companies to eschew any liability for leaking consumers' data.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    dude, 22 Feb 2006 @ 9:19am

    No Subject Given

    Which is total BS. What they probably mean is that the laptop had a password on it and therefore was "secure." Hopefully this doesn't turn into a trend with other companies that "lose" data...

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.