On Saturday 19 March 2005 09:36, Kurt Seifried wrote: > The sad part is there is NO (Zero, Nada, Zilch) incentive for companies to > treat this data securely. Information for a hundred thousand people is > stolen. So what? The company is not criminally liable in any way (I haven't > heard of any laws yet). Civilly they're barely liable either. It'll be more > of the same until we have laws with penalties for allowing theft of > customer data. To bad insurance won't work, when a physical item is stolen > it costs money to get a new one, and insurance companies won't pay out > unless you took due care/diligence, OTOH if you steal all the electronic > data (and even erase it) a company just restores from a backup and goes on > with life.
Don't forget that it's bad for the company's image to have confidential customer data stolen. As soon as the press catches on it's bad for business. So, companies *do* have a drive to secure your private data. - Vincent van Scherpenseel -- http://vincent.vanscherpenseel.nl/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
