Fiasco

9 Aug ’06

The common wisdom on data privacy has been that large, established organizations are more trustworthy repositories of personal information – that they have the means to ensure security appropriate to the privacy of the data, and that this reliability is sufficient to warrant long-term data retention. David Fraser’s Privacy Law blog is a chronicle of data management ineptitude that explodes this myth. But just in case there was any doubt, the AOL data disclosure fiasco has arrived on the scene to trounce whatever bits of that common wisdom that remained.

The data remains online (a surprise to me, because I would have thought it was litigation bait for anyone associated with its hosting), which will ensure continuing publicity of AOL’s contribution to this mess. But that it remains online also signals why this fiasco will not teach anyone any lessons about the dangers of data retention: whether one is earning click-through revenue on ads hosted on the mirror sites that are hosting the data, or selling services derived from analysis of data stockpiles, the data is so commercially valuable that some are willing to court the risk to others of its disclosure. This externality, of course, is what warrants tough treatment for data fumblers.

Some useful posts on the issue: Michael Geist and David Fraser.

Previous post:

Next post: