Finally, A Telco Gets Blamed For Its Own Data Leaks
from the it's-about-time dept
Earlier this year, there was a lot of press coverage over the fact that people could go to various online "information broker" services and buy the mobile phone records of just about everyone. What dismayed (though, not surprised) us was that so much of the anger was directed at the government (as in, why aren't they doing anything about it) and not the telcos for leaking all that data. In fact, the telcos weren't about to miss an opportunity to shift the blame -- and so even they came out publicly and whined about the government not doing enough, never bothering to mention the fact that this data wouldn't have been out there if they hadn't leaked it in the first place. Perhaps they should have kept quiet. The government finally did step in, and just last week one of the more well known data brokering firms was hit with a fine for failing to respond to a subpoena. However, it looks like the government didn't stop there either. Today comes the news that AT&T will also be paying a settlement for leaking the data in the first place.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
if the whole 'first' thing annoys you, well ignore it, let the children play. the posts are crap, but at least they are short.
it could be worse...
[ link to this | view in chronology ]
Re:
Speaking of being ontopic, it's about damn time that big business was held accountable for their actions. Lets hope this sparks a rash of fines and lawsuits against the companies who leak this kind of personal information.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The problem...
So long as government doesn't interfere (interfere == (heavy )regulation) too much in business and the general public remains vigilant, alert and informed corporate corruption is minimal at worst.
Unfortunately with regulation and an ill-informed, ignorant or apathetic public we get things like monopolistic telcos and greedy politicians. Most of the public doesn't know they're getting royally shafted, or they don't care and those of us who do know about the corruption in government and corporation are almost powerless to stop it.
[ link to this | view in chronology ]
Re: The problem...
It is not the public's responsibility to monitor for corporate corruption, and big business has proven time and again, if they think nobody is watching, they'll act like it.
[ link to this | view in chronology ]
Re: Re: The problem...
but the media, the government, and big business are all too greedy and gutless to do anything exept sell out.
that leaves the "ignorant" public to fend for itself.
[ link to this | view in chronology ]
Re: Re: The problem...
[ link to this | view in chronology ]
Re: Re: The problem...
Read it again.
So long as government doesn't interfere (interfere == (heavy )regulation) too much in business and the general public remains vigilant, alert and informed corporate corruption is minimal at worst.
In other words:
If the market were free (IE little government control), and the people willing (IE not being apathetic) we could control both the government and corporate sector.
I was saying *if* these things happen not that they are, because they aren't. Government is interfering, the people don't care and thus you have big nasty corporations that are greedy and have the power to feed that greed.
Worse off the media doesn't do anything about because they are huge corporations.
[ link to this | view in chronology ]
Remember in the 80's - how they said computers would make things more secure, etc... etc...
The more the mix money and tech the more money you lose.. If there's one thing that's certain - computers are NOT secure, lol
[ link to this | view in chronology ]
I agree with Joe
Greed is the root of all that ails us. Period. People are making money doing this and will do so even with the threat of government fines. They see it as the cost of doing business. Companies are paying a lot more attention to their corruption with the Enron case, MCI and Tyco. If it is jail time, then people start to think.
But the fines that can be put out there just are not deterent enough. People making millions and then hit with $10,000 fines are like what the NBA does to Mark Cuban or NFL to T Owens. Hit them where it hurts and that is living in club fed.
[ link to this | view in chronology ]
Hmmm...
[ link to this | view in chronology ]
Corporate Responsibility
(this problem also exists in government agencies, but is beyond the scope of this rant)
It's obvious that having this sensitive data predicates these corporations' success. THEY NEED IT TO MAKE MONEY. That's fine. Really. AS LONG AS THEY ARE RESPONSIBLE WITH IT.
Simply put, the protection of this data is the responsibility of these corporations. It has been reported, early and often, that these corporations refused to take sensible steps to protect the data, e.g., encryption. Their argument has been that it's too hard, that it slows down access, etc. THEY SAY IT'S INCONVENIENT FOR THEM TO PROTECT THE DATA.
That argument doesn't hold water. On the one hand, they need the data, but on the other hand, they aren't willing to protect it.
It's obvious that they have no interest or incentive to protect it.
Case in point: Credit Reporting Agencies. Whether or not their data is secure is minor for them, but they're still not responsible with the data. That is, IT IS SOMEHOW THE CONSUMER'S RESPONSIBILITY TO GUARANTEE THE ACCURACY OF THIS DATA. Ridiculous. If this data is expected to be accurate, then the owners of the data must ensure that it's accurate.
By the same token, corporations which have sensitive data seem to believe that IT IS ALSO THE CONSUMER'S RESPONSIBILITY TO WORK AROUND PROBLEMS CAUSED BY THE COMPROMISE OF THEIR PRIVATE DATA.
In general, corporations with sensitive data have no business case for ensuring the accuracy of, or protecting it. Perhaps we need for them to have it.
Anyone have a better idea than legislation? That's the worst case:
1. Corporations will lobby the Congress for weak rules
2. The laws will not be enforced
3. It will take too long--or never happen
It is my opinion that irresponsible corporations should not be allowed to lobby the Congress. Kind of like not allowing poorly performing contractors to obtain additional government contracts.
Funny thing: I don't see this happening, as long as corporations successfully claim the right of free speech (i.e., lobbying access w/no oversight) without also demonstrating the responsibilities that citizens are held accountable for. You know, like obeying the law.
[ link to this | view in chronology ]