Half of all Americans feel less secure about their personal information than they did five years ago. The Pew Research Center found that Americans have little trust in organizations when it comes to their data. Many experts suggest that they have very good reasons to distrust. In 2017, hackers stole personal data from Uber, including names, email addresses, and phone numbers, as well as the names and driver’s license numbers of about 600,000 drivers in the United States. Uber paid the hackers $100,000 to delete the data and keep the breach quiet.
In your initial post, address the following:
- What one change or addition would you recommend to the current laws and regulations regarding personally identifiable information (PII) and privacy?
- How can the government ensure that companies get more serious about protecting personal data?
In your responses to your peers’ discussion posts:
- Discuss whether you agree or disagree with your peers’ ideas on changes to the laws or regulations regarding PII.
References
O’Connor, N. (2019). Reforming the U.S. approach to data protection and privacy. Council on Foreign Relations. Retrieved from https://www.cfr.org/report/reforming-us-approach-d…
Smith, A. (2017). Americans’ experiences with data security. Pew Research Center: Internet & Technology. Retrieved from https://www.pewinternet.org/2017/01/26/1-americans… initial post a couple of paragraphs. response posts one paragraph each
POST 1
Laws in the US protecting PII are inconsistent and unclear. “Companies need clearer rules, and individuals need to be able to incentivize companies to secure data.” (O’Connor, 2018) A significant financial loss in the form of fines would be an effective incentive to encourage companies to more seriously protect personal data. Until it makes sense for them monetarily, companies will continue to do the minimum required to protect personal data.
The procrastination of the US in creating a defined and unambiguous guideline for data protection has cost its citizens. As O’Connor recommends, “The U.S. Congress should join other advanced economies in their approach to data protection by creating a single comprehensive data-protection framework.” (O’Connor, 2018)References
O’Connor, N. (2018, January 22). Reforming the U.S. approach to data protection and privacy. Council on Foreign Relations. https://www.cfr.org/report/reforming-us-approach-data-protection
POST 2
My recommendation to the current laws and regulations regarding personally identifiable information (PII) and privacy for companies to collect only what you need. In many cases, PII may be used only in the verification process. For example, an SSN may be used to verify the identity of an individual, but afterward, the SSN is not necessary. In such cases, companies should not store the SSN because it would only increase the risk for the company. Companies should conduct periodic reviews throughout the year to ensure that data being collected is necessary for daily operations. Not all PII requires the same level of protection. For example, a public directory lists phone numbers with the permission of individuals making its protection less critical. Thus, it’s important to implement a variety of safeguards that address the different risk levels. “Fully 73% of those who have experienced at least one form of data theft say they have refrained from opening an online account due to their concerns about how their information would be treated, compared with 61% of those who have not experienced any type of data theft” (Americans’ experiences with data security, 2020).
Government can play a role by helping to educate the public, by protecting its own infrastructure and by assuring that companies disclose any potential privacy or security threats and adhere to their stated policies (Privacy | USAGov, 2021). It can also set a good example by applying good privacy practices and due process before trying to access citizen’s personal information.
Reference
Privacy | USAGov. (2021, September 7). Official Guide to Government Information and Services | USAGov. https://www.usa.gov/privacy
Americans’ experiences with data security. (2020, August 17). Pew Research Center: Internet, Science & Tech. https://www.pewresearch.org/internet/2017/01/26/1-…less
0 comments