March 20, 2007

Chicken little

From CIO magazine, the alarmist business perspective on California privacy legislation:

Like a large hurricane sweeping in off the Pacific, these laws will wreak havoc on all kinds of business processes, including how websites can collect personal data and the management of databases that store personal information on customers. They will influence how companies share personal data with third parties and restrict their ability to contact consumers via cell phones and faxes.
...
So what can CIOs do? You may not be able to divert this threatening tidal wave, but you can be prepared for it. To reduce your company's vulnerability, educate yourself about the legislation so that you can talk intelligently with your corporate counsel and CEO. And you can insulate yourself from some of the laws altogether by using encryption. Encryption is one solution to California's disclosure laws. Companies are not required to notify customers in the event of a security breach if customer data is encrypted.

Circumventing legal requirements is key, folks.

You can also adhere to best practices discovered by CIOs who have run afoul of some of these laws and learned from the experience. Such practices include communicating with the public on what information you collect, and following that up with clear, honest answers to questions from customers and the media in the event of an information leak.

Definitely haven't seen any evidence in my research of an effort on the part of telecommunications corporations to promote transparency and communicate with the public on information sharing.

The truth is that legislation hasn't gone far enough to hold business accountable in protecting sensitive consumer information.

1 comment:

Anonymous said...

Keep up the good work.