ChoicePoint -- What We Learned from Our Screw-up 60
xpangler points out an article in Baseline magazine in which "ChoicePoint's lead privacy & compliance executives talks about the 'more than 30' new practices and procedures the company has put in place since it mistakenly sold private data on 163,000 people to Nigerian criminals last year."
Lesson 1 (Score:5, Funny)
Re:Lesson 1 (Score:3, Funny)
Okay, I certainly won't trust you anymore then...
Re:Lesson 1 (Score:4, Funny)
Wait, wait, wait - we're not supposed to trust Japanese-Americans?
Re:Lesson 1 (Score:2)
I don't bear any ill will to Japanese-Americans. I don't really believe that all Japanese-Americans say things like "Greetings!" and "Honorable", all while speaking in ODD CAPITAL LETTERs. It's only Hollywood that wants me to believe this. Well, that and some of my manga. I trust Hollywood much more, though. They speak truth in every scene of every work.
See, you can find ou [wikipedia.org]
Re:Lesson 1 (Score:1, Funny)
A wikipedophilia-link does not make your statement funny. We mod you "troll" because there is no "unfunny asshole"-option.
Re:Lesson 1 (Score:4, Insightful)
Re:Lesson 1 (Score:2)
Karma reduction in 5, 4, 3...
Comment removed (Score:5, Insightful)
Re:Mental translation (Score:4, Insightful)
I think you've hit a good point, that people have no say as to what is done with their info. There really needs to be a mechanism, or a form or something where I can tell Choicepoint to delete any records having to do with me.
Re:Mental translation (Score:2)
But that is their business -- handling and selling your information
It would be more accurate to say that Choicepoint has no business if not handling your information (for better or worse).
Re:Mental translation (Score:1)
How many other companies give you that option? Even my auto mechanic has my address, phone, cell, email, and car information. If I don't go to him anymore and I go back and say delete my information, does he have to? What he wants to include me as a customer to financial backers when he expands? In any event, where's the proof that it's gone? It's certainly a frustrating
Eventually this will get established (Score:1)
Eventually, someone will be seriously hurt by data loss/theft/whatever.
Evenually, the data broker will be forced to pay with blood, money, or time in jail.
Most likely, someone with substantial assets will get bitten bad and still have what it takes to sue the broker out of business...then the legislature AKA lawyers will get involved.
Re:Mental translation (Score:3, Interesting)
Emphasis mine.
Maybe it's just me, but a roomful of CxOs, including the CMO (WTF? What's wrong with VP of Marketing?[1]), plus a
Re:Mental translation (Score:3, Funny)
[1] Speaking of stupid CxO titles, what the hell is a "Chief Administrative Officer"?
a) Chief Administrative Officer - in charge of paper clip chains and bottom photos from the copiers
...and this Commander Throckmorton, our Chief Administrative Officer.
b) Chief Administrative Officer - new member of the Enterprise bridge crew:
Picard:
Re:Mental translation (Score:1, Insightful)
That thinking is totally backwards. They made a big mistake, the punishment was very minor. They make a mistake again and they then do something illegal and suppress the mistake and they get slammed? This is just like hit and run, if you run into someone, often if it's considered an "accident", you are fine, UNLESS, you run, then you're screwed. Better to take the b
Comment removed (Score:4, Insightful)
Re:Mental translation (Score:1, Interesting)
That was my point. If the worse thing that will happen is a small fine and a hand slap, why would they take the risk of actually doing something illegal and going to jail by actually trying to cover up the mistake?
Re: (Score:2)
Turn off the spin (Score:4, Interesting)
It was a total of $15 million, plus another $4 million in other obligations imposed by the FTC (like third party auditing). Insurance covered $11 million of the $19 million, but Choicepoint had to pony up $8 million of their own money. If you look at their financial statments, you'll see that it's no slap on the wrist - it represented half of their cash. In terms of yearly income, it's about 7% of what the company makes. Plus, I suspect that their insurer will either raise their liability insurance rates or drop them altogether.
I'd say that the penalty was fair. It's not necessary to drive the company out of business - just necessary to give them a sting so that they don't do it again.
-h-
Re:Turn off the spin (Score:4, Insightful)
No, sorry, that doesn't cut it with this old fart. Until they are put out of business, and their database put in escrow for purposes of forensics traceing only, with it to be preserved on non-networked servers that it takes a federal court order to gain access to, such shennanigans will continue. While they're at it, I'd be in favor of the top floor executives haveing a hand amputated in the grand old arab justice manner. Maybe both hands for the President of such a company.
I frankly could care less about the collateral damages from putting many of such a companies rank & file people out of work, they knew full well the type of business they were working for. I cannot seriously seperate those people from all the 419 scammers in Nigeria. They're all birds of a feather. Put them out of business, mark them physicly for life and make it damned clear that this is what will happen to everyone that abuses the data they are in charge of. Then and only then will these leaches turn honest.
--
Cheers, Gene
Re:Turn off the spin (Score:1)
Cheers.
Re:Turn off the spin (Score:2)
You're missing the point. This isn't about "punishing" a single incident. It's about Choicepoint's whole business model, which would be illegal in a sane world.
Until they radically restructure themselves to make their money in some other way, they shouldn't be in business.
Re:Turn off the spin (Score:2)
So the company gets off the hook by having employees and hiding the truth from them. You have a strange sense of moral
Re:Turn off the spin (Score:2)
Re:Mental translation (Score:2)
if he had stuck around he probably would have gotten charged with negligent homicide or less and gotten less than one year
Re:Mental translation (Score:2)
That's not up to them, however. The only way they can do that currently is to not keep any information whatsoever on a resident of California. Why? Because California has some of the best consumer privacy protection laws on the books. In this case the one that matters is the legally required disclosure of any potential privacy breach of residents. You are required to notify the residents that are affected... and
Comment removed (Score:4, Insightful)
Re:Mental translation (Score:2)
And you call yourself a cynic?
As the scariest part about the original phrasing, I think Carol DiBattiste really means it... As in, she seriously has such a poor grasp of technology that she doesn't recognize "never happens again" as an impossibility.
Any network security novice could tell her that it will happen again. They can take steps to contain such leaks; to minimize what a single attack
Re:Mental translation (Score:2)
Now they need to do quality control (Score:5, Informative)
http://www.baselinemag.com/article2/0,1540,182528
and I was really impressed with the fact that a Home Depot employee spent a week in jail for crimes he did not commit.
Security is only half of it; Accuracy is the other half.
Re:Now they need to do quality control-OOOps! (Score:2)
Re:Now they need to do quality control (Score:1, Interesting)
Re:Now they need to do quality control (Score:2)
Not surprising (Score:2)
Wednesday I get a call from the head of HR wanting to know about my felony charge in Rochester, NY. I'd never been to Rochester and had no idea what she was talking about.
In this case, the company doing the background check had not even bothered to verify my social security number and such. Just pulled up the name, which isn't all that unique.
Fortunately the HR head understood that these things are often wro
Pop quiz (Score:5, Insightful)
Non-US? (Score:3, Interesting)
To who? ECHELON?
Re:Non-US? (Score:1, Informative)
- There is no privacy legislation that has teeth, and
- The government can ask for the data without any real reason and make it illegal to reveal that the data was turned over.
Feel safe, my American colleagues. (Take that pill if it helps).
Do you ever wonder why foreign citizens won't do business with your companies? Why the Canadians won't
Love this quote... (Score:1, Interesting)
Oh. NOW. That would have been my first idea. Sensitive data? Encrypt it!
That's why I don't work in network security.
Re:Love this quote... (Score:1)
Didn't read the article. (Score:2)
Re:Didn't read the article. (Score:1)
I bet they could afford it now...
Progress Indeed (Score:2, Interesting)
Their Other "Mistake" (Score:4, Interesting)
Re:Their Other "Mistake" (Score:3, Insightful)
Re:Their Other "Mistake" (Score:2)
Its pretty clearly up to Choicepoint to provide accurate data, otherwise if there is no accountability they might as well just make up a bunch of names and use those instead.
If their source was bad, they should have either found another source to validate the data (they should be doing that a
Re:Their Other "Mistake" (Score:3, Insightful)
Actually, no. Per state law requirements, ChoicePoint was hired (by Democrat Ethel Baxtor) to provide a list of possible convicted felons to each county, and each individual county election supervisor was required to verify the names on the list, provide an avenue for appeal, and ultimately remove previously convicted felons from the
Re:Their Other "Mistake" (Score:3, Insightful)
1) It's wrong. The US Civil Rights Commission failed to find a single person who was incorrectly removed from the voting rolls and not allowed to vote in the 2000 election because of the Felon list.
2) ChoicePoint had no authority or means to remove voters from the rolls. Only the local county election officials did. 3) That was 6 years ago, and most whiny liberals have given up crying about this non-issue by now.
4) Subsequent independent media rev
What I learned from Their Screw-up (Score:3, Insightful)
Re:What I learned from Their Screw-up (Score:1)
Then they'd kick your dog.
Joke? (Score:1)
This is a joke, right ?
Re:Joke? (Score:2)
Consider the Source (Score:3, Interesting)
mistake? (Score:1)
Re:mistake? (Score:2)