Language Selection

English French German Italian Portuguese Spanish

Burden is on us to protect our data

Filed under
Security

If you had to guess, how many companies would you say have enough of your personal data stored in various databases to make even a rookie crook ready for prime-time conning?

Ten, perhaps? What about 50, 100 or 1,000?

You probably don't know the answer, and that is exactly the problem.

In the past six months, the personal data of millions of consumers have been lost, stolen or sold to identity thieves. The most recent case involved a financial unit of Citigroup Inc. CitiFinancial, which provides a wide variety of consumer loan products, disclosed that personal information (Social Security numbers, loan account data and addresses) of 3.9 million of its customers was lost by UPS in transit to a credit bureau. So far CitiFinancial said it had no reason to believe that the information has been used inappropriately.

So far.

Every time we hear of one of these cases, the companies involved tell their customers not to worry. Trust us, they say. They pledge to enhance their security procedures.

The promises don't make me feel any safer about my personal data. How about you?

It's time for the federal government and the states to step in and make sure the companies fulfill those promises.

There have been some efforts to protect people's financial information. On June 1, a new federal rule took effect that requires businesses and individuals to destroy sensitive information derived from consumer credit reports.

I was initially encouraged when I heard about this rule. It seems to cover all the bases -- individuals, and both large and small organizations that use consumer reports, including consumer reporting companies, lenders, insurers, employers, landlords, government agencies, mortgage brokers, car dealers, attorneys, private investigators, debt collectors and people who pull consumer reports on prospective home employees, such as nannies or contractors.

There's just one little problem with this "Disposal Rule." There is no standard for how the documents have to be destroyed. Here's the direction the Federal Trade Commission is giving to businesses and individuals: "The proper disposal of information derived from a consumer report is flexible and allows the organizations and individuals covered by the rule to determine what measures are reasonable based on the sensitivity of the information, the costs and benefits of different disposal methods, and changes in technology."

How strong is a standard if it has no standard? Basically, those who have our information get to decide how and when it is to be destroyed.

"The burden is completely on the consumer to protect what is important," said Evan Hendricks, editor and publisher of the newsletter, Privacy Times.

Full Article.

More in Tux Machines

Open source now part of Romania’s Digital Agenda

All of Romania’s public administrations are to use open source and open standards software. The government is making this a (minute) part of the 2014-2020 Digital Agenda, made public in November. The approach will increase interoperability of ICT systems. Read more

GNU Binutils 2.25 Released With Port To Andes NDS32

The Binutils 2.25 changes include support for the Andes NDS32 architecture and new --data, --include-all-whitespace, and --dump-section options. Among the changes for GNU ld in Binutils 2.25 is support for the Andes NDS32 architecture, support for the OpenRISC and OR32 has been replaced with the OR1K port. Gas for Binutils 2.25 has support for AVR Tiny micro-controllers, support for the NDS32, and enhanced ARM support. The NDS32 enablement within the GNU stack has been going on for a while with last year GCC seeing a port to this architecture, etc. The NDS32 from Andes Technology is a 32-bit CPU architecture designed for embedded environments using the AndeStar ISA and the SoC processors are marketed under the AndesCore brand. Read more

2014 Year-End NVIDIA Linux Benchmark Comparison

For this article today, the major driver releases of the year for their mainline driver were benchmarked while ignoring some of the later drivers in each series that just shipped bug-fixes or new kernel / xorg-server support after a new driver series was already in beta or stable. The tested NVIDIA drivers for this article include the 331.38, 334.16, 337.12, 337.19, 340.17, 343.13, 343.22, 346.16, and 346.22 Linux x86_64 drivers. The 331 series was the last driver series from late 2013 for reference. The graphics card used for today's testing was a GeForce GTX 780 Ti (Kepler) graphics card as being a high performance GPU that's compatible with all of the driver releases tested throughout the year. Read more

Quadcopter drone packs first all-Linux APM autopilot

Erle Robotics launched a ROS-enabled, open source “Erle-brain” autopilot that runs APM directly on Linux. The device also powers an “Erle-copter” drone. Over the last year, Spanish firm Erle Robotics S.L. has been working with 3DRobotics to develop an open source BeaglePilot autopilot for drones that can run Linux on 3DR’s popular, Arduino-based APM (ArduPilot Mega) platform. The APM Linux port was developed by both companies, as well as several academic institutions. The BeagleBone-based “Erle-brain” autopilot is built into the $490-and-up Erle-copter quadcopter. Read more