BreachExchange mailing list archives
Re: UK: Police personal data found on discarded floppy
From: Brian Honan <brian.honan () bhconsulting ie>
Date: Thu, 27 Dec 2007 10:09:41 +0000
Don't forget that under EU, and UK, Data Protection legislation businesses and organisations are obliged to protect the personal information they hold on their customers and in some cases their staff. While the EU Data Protection legisation places obligations on companies to protect this personal data, there are no significant breach disclosure laws. So in my opinion breaches of this nature within the EU are significant as they could be in breach of the Data Protection legislation and we need to publicly know what breaches are occuring so that we can better argue for the introduction of data breach disclosure laws. Brian On Thu, 27 Dec 2007 04:40:52 +0000 (UTC), lyger <lyger () attrition org> wrote:
On Wed, 26 Dec 2007, Michael Hill, CITRMS wrote: ": " We get that question a lot in our business and here's how we answer it. ": " ": " "Mr. (Business Owner) if I call into your business and ask for your home address and phone number, will you or whomever answers the phone going to give it to me?" I think not. The home address and phone number is just the first step to getting your identity stolen. Not to take things too far, but I guess that was my part of my point. If someone cold-called my place of business and asked for that information, I wouldn't be willing to give it out. However, what's to stop anyone from getting a copy of the White Pages or just getting online and hitting Google or a dozen other search engines for the same information (if the person in question is listed by such)? By the way, Adam made a good point about wanting a broader realm of disclosure for tracking and analysis. I wasn't trying to criticize the content of the original post; it was more about opening discussion as to what might be considered "personal", "private", "public", or "other". Any other thoughts? _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
-- Brian Honan BH Consulting Helping You Piece IT Together Tel: +353-1-4404065 Mob: +353-86-8114066 Email: brian.honan () bhconsulting ie www: http://www.bhconsulting.ie Support Global Security Week http://www.globalsecurityweek.com This message is for the named person's use only. If you received this message in error, please immediately delete it and all copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Any views expressed in this message are those of the individual sender and not of BH Consulting _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- UK: Police personal data found on discarded floppy Dan O'Donnell (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy Adam Shostack (Dec 26)
- <Possible follow-ups>
- Re: UK: Police personal data found on discarded floppy Michael Hill, CITRMS (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy Chris Walsh (Dec 26)
- Re: UK: Police personal data found on discarded floppy Brian Honan (Dec 27)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)
- Re: UK: Police personal data found on discarded floppy lyger (Dec 26)