If firms like Target won't protect privacy, make 'em pay

Companies leave customer information vulnerable to hackers because better safeguards would cost them money. Fines for data breaches could change their attitude.

Businesses have the tools and know-how to keep our personal information safe.

They just don't do it.

"It's expensive," said Nick Mancini, a partner at Tech Consultants, a Woodland Hills information technology firm.

And that, in a nutshell, is why big companies that should know better routinely issue red-faced notices that they've been hacked and that customers' confidential info is on the loose.

Target took it on the chin again Friday when it revealed that up to 110 million customers — not just the 40 million it originally reported — may have had their names, addresses, credit and debit card numbers and other information stolen.

"I know that it is frustrating for our guests to learn that this information was taken, and we are truly sorry they are having to endure this," said Gregg Steinhafel, Target's chief executive. "I also want our guests to know that understanding and sharing the facts related to this incident is important to me and the entire Target team."

Well, that's heartening, even though the company seems to be having a difficult time with both the understanding and the sharing parts of that.

The Target hack underlines the vulnerability of consumer data at a time when businesses large and small are doing their darnedest to amass as much of our info as possible.

Knowing a lot about customers enables companies to tailor their marketing pitches to people's specific tastes. It also provides a treasure trove of digital goodies that can be sold to other businesses and marketing firms.

So it's no wonder that almost all transactions these days include not just your name and credit or debit card number, but also requests for your email address or other contact info.

That information is subsequently triangulated with other info available from so-called data brokers. The upshot is that highly revealing dossiers on your life and personal habits can be compiled by corporate interests — and, in turn, made available to hackers.

Think the National Security Agency is nosy for peeking at your email or eavesdropping on phone calls? The World Privacy Forum, an advocacy group, testified in Congress last month that data brokers are providing marketers with lists of people with chronic diseases such as AIDS and of women who have been raped.

Other lists include people with known addictions to drugs or alcohol, the locations of domestic violence shelters and the home addresses of police officers.

"Highly sensitive data are the frayed and ugly ends of the bell curve of lists, far from the center," said Pam Dixon, executive director of the World Privacy Forum. "This is where lawmakers can work to remove unsafe, unfair and overall just deplorable lists from circulation."

I have some other advice for lawmakers. I'll get to that in a moment.

First, let's dispense with the notion — promulgated by many in the business world — that customer data is basically safe, so you shouldn't worry. It's not. And you should worry.

More than 662 million consumer records have been exposed to theft in more than 4,150 known security breaches since 2005, according to the Privacy Rights Clearinghouse in San Diego.

Businesses also would have people think that they're bending over backward to keep a lid on customers' personal information. Nearly all corporate privacy policies include some variation on the phrase "we take privacy seriously."

If that were true, though, they'd actually take privacy seriously, which would mean using all resources at their disposal to make good on their pledge.

The tools are there. Technology is available to encrypt data, making it unintelligible to anyone lacking an encryption key.

Featured Stories

CTnow is using Facebook comments on stories. To comment on ctnow.com articles, sign into Facebook and enter your comment in the field below. Comments will appear in your Facebook News Feed unless you choose otherwise. To report spam or abuse, click the X next to the comment. For guidelines on commenting, click here.

CONSUMER COLUMNISTS

Kevin Hunt - The Electronic Jungle

Kevin Hunt: Rocki Play, A $49 Streamer, Brings Music From Smartphone To Speakers - September 8, 2014 - For a colorful little music streamer with 17 sides (at last count) and a bust-out Kickstarter funding campaign, the Rocki Play isn't...

Gail MarksJarvis

Benefits, not just paychecks, have fallen on hard times - September 11, 2014 - Paychecks have been disappointing investors for years, but that's not all that's been putting pressure on household spending.

David Lazarus

Your privacy, their paycheck - September 18, 2014 - Ann Howe's phone was ringing frequently, but the calls weren't for her. They were for someone bearing the last name of Rapp.

Korky Vann

Artistic Tag Sale At Farmington Valley Arts Center - September 19, 2014 - >>Artists at Farmington Valley Arts Center, 25 Arts Center Lane in Avon, have been cleaning out their attics,...

Advertisement

...