For the past 10 years I have been driving the same, reliable, non-troublesome car. It still looks good enough (I don’t really worry about driving an “it” kind of car). However, it is getting a bit rattly, and my friends have been increasingly giving me a hard time about continuing to drive it past the 200,000 mile mark. I never really cared much until my starter went out a couple of months ago. I wondered, what if this had happened to me while I was in a neighboring state at a client site? Sure, I have AAA, but it would still be a hassle. So, I decided if I saw a car I really liked and that had all the features I wanted, I would splurge and get a new car.
Well…I just happened to find a car I absolutely loved after seeing and driving it. I was at the dealer paying for it yesterday, and the sales person asked for my Social Security Number (SSN).
Posts Tagged ‘personally identifiable information’
FTC Settlement For Marketing Via Pop-up Ads: Lessons For All Marketers Regarding Consent & Consumer Complaints
Sunday, December 9th, 2007I like to keep my eye on the FTC site; they are very active in catching businesses violating the U.S. FTC Act by practicing unfair and deceptive business practices, particularly via the Internet. They really demonstrate the need for privacy and information security professionals to stay on top of what their business units and marketing areas are doing with regard to contacting consumers, forcing ads upon them, and gathering information from them.
And The Award For Best Email Security Awareness Film of 2007 Goes To…
Friday, December 7th, 2007I’ve been seeing a ton of articles and blog postings for the “Best Security <Whatever> of 2007,” “Worst Security Exploits of 2007,” “Security Projections for 2008” and so on in the past few weeks.
Well, I’ve got my own “Best of” award to give for 2007!
None of the best of or worst of postings or articles that I have seen have covered information security and privacy awareness, even though most information security incidents and privacy breaches occur as a result of humans…human error, lack of knowledge or malicious intent.
And The Award For Best Email Security Awareness Film of 2007 Goes To…
Friday, December 7th, 2007I’ve been seeing a ton of articles and blog postings for the “Best Security <Whatever> of 2007,” “Worst Security Exploits of 2007,” “Security Projections for 2008” and so on in the past few weeks.
Well, I’ve got my own “Best of” award to give for 2007!
None of the best of or worst of postings or articles that I have seen have covered information security and privacy awareness, even though most information security incidents and privacy breaches occur as a result of humans…human error, lack of knowledge or malicious intent.
Be Aware: Court Ruling Allows Circumstantial Evidence In Court Case Against Company That Experienced Privacy Breach
Thursday, December 6th, 2007So many times…actually almost every time…a privacy breach occurs the company that experienced the breach makes a public statement similar to, “We have no evidence that the personal information has been used fraudulently” or “We do not believe the information stolen will be used for identity theft.”
Why do companies so often make this statement? Because their lawyers know that it will be hard, if fraud and crime occurs using the compromised personally identifiable information (PII), to directly tie the breach to such fraud crimes.
Be Aware: Court Ruling Allows Circumstantial Evidence In Court Case Against Company That Experienced Privacy Breach
Thursday, December 6th, 2007So many times…actually almost every time…a privacy breach occurs the company that experienced the breach makes a public statement similar to, “We have no evidence that the personal information has been used fraudulently” or “We do not believe the information stolen will be used for identity theft.”
Why do companies so often make this statement? Because their lawyers know that it will be hard, if fraud and crime occurs using the compromised personally identifiable information (PII), to directly tie the breach to such fraud crimes.
Email is for “Old People”: Do Lack of Laws Make IM and Texting Ripe for Exploiting Children & Teens?
Wednesday, November 28th, 2007My 13-year-old-niece wrote an article for me about social engineering, and I got a chuckle out of her writing, “Maybe I’m old-fashioned, but I only use email. I don’t have my own FaceBook site.”
Can you imagine email being old-fashioned?! Gosh, my hand-written letters must be prehistoric!
Judge Rules University Policy & FERPA Allow Student PII To Be Released
Tuesday, November 6th, 2007Here’s a case I found interesting…the U.S. District Court for the Eastern District of Tennessee ruled on October 24th that providing a group of record company plaintiffs with student personally identifiable information (PII) does not violate the U.S. Family Educational Rights and Privacy Act (FERPA).
Judge Rules University Policy & FERPA Allow Student PII To Be Released
Tuesday, November 6th, 2007Here’s a case I found interesting…the U.S. District Court for the Eastern District of Tennessee ruled on October 24th that providing a group of record company plaintiffs with student personally identifiable information (PII) does not violate the U.S. Family Educational Rights and Privacy Act (FERPA).
