Protecting your sensitive data for over 20 years - Netlib
Share |

Thursday, June 5, 2014

Pointing the Finger - Who has Responsibility for Stolen Consumer Data?

See, now this is exactly what I was just talking about last time.  You know, that recent string of data breaches perpetrated against major retailers like Target and Neiman Marcus.  With this recent survey, retailers better hope that the issue of notification laws regarding data breaches gets resolved soon, and that stronger standards are put in place, because consumers are understandably a bit out of sorts about the theft of their personal information.  According to the survey, conducted by data science company Feedzai of 2,000 shoppers across the country, 60% attribute responsibility squarely at these retailers.  The runner up: banks, garnering 13% of the vote.  And a mere 5% of participants believed it is the duty of the consumer him/herself to prevent their personal information from being compromised.  80%, by the way, said the experience is worse than getting the flu – As I have never suffered the flu, I will have to take them at their word.


Now, while it is true that shoppers should always be responsible and vigilant when it comes to their data, and can even alter their own behaviors via such measures as using cash or shopping at smaller mom and pop stores, expecting consumers to suddenly shift their spending habits en masse doesn’t seem too realistic.  It is great to say something like “customers shouldn’t use their credits cards as much so they won’t be put at risk,” but come on.  Credit cards are a major part of our financial systems and institutions, and they’re not going anywhere, for better or worse.  To suggest that consumers—people who make purchases with their cards—are somehow equally at fault if and when their data is compromised by hackers sounds like a bit of victim blaming to me.  As the organizations taking and storing their customers’ data (not to mention their money), they have the lion’s share of responsibility to protect it from theft.

Which is why, ultimately, when people use the online payments system of, say, the California DMV, they should be able to do so without concern for their personal information; not worry that MasterCard is going to send alerts to five different financial institutions regarding a breach involving transactions conducted online, from August 2013 to January 2014.

Angry consumers are not something any company wants to have on their hands.  And that 60% likely isn’t going down anytime soon.  In the end, strong data encryption is a necessity to improve the odds that thieves will be shut down before any fingers can be pointed.

No comments: