March 14th, 2005, 09:52 PM
The law of unintended consequences
The great balancing act
Is it in the best interest of the customers of the business owners of New Jersey to have the company that was hacked to decide which parts of my information are sensitive. I would expect most consumers would assume that if some of their data was accessed, all of it was.
One measure introduced last month in New Jersey, for instance, would require that customers be alerted if any personal information--even an e-mail addresses or home page address--is acquired by an "unauthorized person." Companies that fail to disclose this can be fined $10,000 for the first offense and $20,000 for the second.
Perhaps an e-mail address or home page address could be as sensitive as a bank account number and PIN, but for most people that seems unlikely. Is such a sweeping definition of "personal" information really in the best interests of business owners in New Jersey?
\"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn
March 14th, 2005, 10:15 PM
This is the exact issue that most places are facing. Definitions shift across business sectors. It will be interesting to see what comes out in the wash.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden