Mar 9, 2009

Deirdre Mulligan Discusses Security Breach Notification Laws

From Wired News

Do Breach Notification Laws Work?

By Kim Zetter

Consumers caught in a national epidemic of data spills are growing numb, discarding breach notification letters as junk mail rather than acting to protect their identity, experts say.

And though most states now have laws requiring companies to warn breach victims, some serious breaches are still showing up on customer credit and bank statements before any official warning has been issued. It all begs the question: are the notification laws working?

... Consumers often express anger and mistrust toward companies that lose their data, but it's unclear how often that anger translates to action. According to Deirdre Mulligan, a professor of information technology law and policy at UC Berkeley's School of Information, a Ponemon study found that about 20 percent of respondents claimed to have terminated their relationship with a company after discovering that the company experienced a breach.

... Consumers, Mulligan told Threat Level, have a tendency to say they're going to do one thing when they actually do another, and companies also can't be relied on to honestly report the numbers of customers they lose from a breach....

Read more...

Last updated: October 4, 2016