My editors like me to spend most of my focus on consumer-related material, but once in a while I have to say a few words for business owners. For them, there are extra concerns, additional considerations that most consumers never have to worry about. I've been a fan of supporting local business owners since I was a kid, so I'm talking mostly to them for this article, a quick bit of insight on a specific process - the data breach recovery plan.
Sometimes I get in the most interesting conversations with people. I'm the sort that typically engages someone personally, instead of making idle talk over the weather or latest news stories. But even then, they can plague my mind for days afterwards. Especially when they start talking about things I know something about, like the American surveillance culture, brought to light by Edward Snowden earlier this year.
I don't always tell people what I do, either, when we get in conversations like that. I have found people tend to be more open when they aren't censoring what they say to be "politically correct". And that's really the point behind why I oppose blanket surveillance in general.
Most of my articles are focused on you as a consumer, whether we're discussing identity theft specifically, or the laws and issues surrounding privacy. But I wanted to take some time to give you a great piece to email the companies with whom you do business. After all, you can only do so much to protect your identity, and everyone knows the holidays are fraught with financial dangers. The real people who need to be thinking about your private information are the ones actually collecting it from you as part of doing business.
Guest Author Mac McMillan addresses what may be the single most important element in an effective and efficient national healthcare system - being able to correctly identify the patient and their associated health record. The term is "interoperability".
The concept of national healthcare is that, when I and my family move across the country, we can receive healthcare identical to what we were getting before the move. Mac points out that, without interoperability, that's simply not going to happen.
Sometimes I never know where my email will take me. As you might imagine, there are plenty of companies promoting identity theft related articles my direction. Some are better than others, but they usually send me down a road of looking into something so I can tell you what I find.
Naturally, I find something relevant in most press releases thanks to spam filters and selective subscription habits. Earlier this year, I was led to TunnelBear - which looks to be one of the most secure anonymous services I've seen.
But be warned. There is also a worrisome undercurrent of sentiment that seems to subtly associate being privacy-minded with creepy stalkers and underworld (and terrorist) activities.
When it comes to responding to a data breach from a company's point of view, guidelines aren't always cut-and-dried. All the government says is that data must be protected and that the company needs to have a process in place to address the eventuality. How that happens is left up to the company itself.
Best practices help companies address the same sorts of issues in similar ways. Sometimes best practices are written into laws (like OSHA) while other times they become conventions (like what sort of power plug your cell phone uses.)
Implementing best practices can save your company when it comes to data security and dealing with identity theft.
SouthWest recently settled a FACTA-based lawsuit, alleging they printed credit card expiration numbers on electronic receipts over a period of about six and a half years. This may mean a small check to a few flyers, but mostly the case should serve as a warning to small business owners.
The message is simple: keep your software up-to-date with current laws. The cost of not doing that could be far more than one might expect.
We use Twitter, Facebook and other social media sites to keep in touch with the people who are important to us, and maybe the people who feel we are important to, as well. But the ease of communication relies on technology that is easy to exploit, if you know how to do it.
For example, companies like BlueJay gain special access to the main stream of data used by all Twitter users (in this case) to provide anyone with real-time location information, and allow them the ability to track your every move online. No special software is require, no search warrant, and no license. Sometimes the comparison to the "wild west" is more appropriate than we might care to admit.
Technology has already drastically changed the way we think of privacy today. From facial recognition software on Facebook to wallets that scan your fingerprint to open, we are finding more and more innovative ways to use technology to protect ourselves.
But we are also seeing a dualistic argument in the ranks of law enforcement, both federal and local, when it comes to the public having this sort of technology. The dualism comes from the fact that law enforcement feels there should be unfettered and unrestricted access for themselves, but do not want to contend with the loss of privacy when citizens gain access to the same technology.
For some reason, I want to go read Animal Farm again....
The idea of privacy has drastically changed in just the past few months. Americans are accustomed to being free to do pretty much whatever they want, whenever they want, unless they are breaking a law.
More importantly, there used to be a need for the government to suspect a citizen was breaking some law if they wanted to keep tabs on what s/he was doing. This is no longer true, and those who are concerned about privacy are going to be hard-pressed to find any real privacy to protect. Our society has allowed enough Federal surveillance that it will be all-but-impossible to put an end to it now.