Back in 1999, when we were putting together The Surveillance Society project at MPR, privacy concerns were still in a quaint stage. We figured the threats to our privacy were surreptitious individuals mining the data after hacking into some giant mainframe somewhere and stealing nuggets about ourselves. It’s still true. It’s a threat.
We didn’t imagine that the data that would be stolen was quite often the information we willingly give and that it would fall into the hands of others primarily because of simple incompetence of those who collected it.
In the U.K. last week, the personal data of 25 million citizens — everyone in the country who receives child benefits — disappeared when a clerk in the Revenues and Customs Department mailed (as in snail mailed!) the disks. They didn’t show up at the audit agency that was supposed to audit them and nobody knows where they are. “This is the biggest privacy disaster by our government,” said Jonathan Bamford, assistant information commissioner. Right.
Certainly some federal bureacrats in this country can relate. Last year, 26.5 million veterans had their Social Security numbers leak when a Veterans Affairs employee took the laptop with the data home. The home was burglarized and the data disappeared.
There are, of course, actual bad guys out there trying to steal your private information. But the real problem, according to Ben Worthen at the Wall Street Journal, is employees of the government and private companies don’t understand the value of your data in the first place.
The perception problem: When workers lose a computer disk or a portable storage device such as a USB memory stick, they seem to look at the $20 it will cost to replace the device, not the value of the data inside it. (It’s like valuing that theoretical $10 million shipment by the cost of the briefcase and not by the cash inside.)
Maybe the bosses should see this online calculator, which calculates the cost of any privacy breach to a company.