Privacy experts debate worth of mass data collection

[Lee J <lee () riskbasedsecurity com>]

http://www.scmagazine.com/privacy-experts-debate-worth-of-mass-data-collection/article/318055/

The value in troves of data gleaned by the government is contingent on a
number of factors, often making for an unbalanced trade off in citizen
privacy, according to experts.

On Thursday, a panel of thought leaders debated the topic during a keynote
at SC Congress New York <http://congress.scmagazine.com/page.cfm/link=4>titled
“Expectations of Online Privacy During a National Crisis.”

Lisa Sotto, partner and head of global privacy and cyber security practice
Hunton & Williams, spoke on the perceived worth of expansive data sets.

“Big data experts will tell you that these huge collections of data are
actually useless,” Sotto said. “You have to know in advance what you're
searching for to collect what you need, and to get to your answer. But
these mass repositories are not useful.”

Orrie Dinstein, chief privacy leader and senior IT and Intellectual
Property counsel at GE Capital, said that the worth of mass data
collections depends on what kind of information it is, for example,
corporate data vs.that gleaned from social media sources.

Dinstein also added that significant findings from massive data sets can
take time to surface.

“With big data, one of the interesting things is that you often do not know
what you're going to find in the data when you collect it – and many of the
beneficial uses of the big data databases emerge months or years later,”
Dinstein said.

Adding to the discussion, an audience member challenged the ease with which
individuals and companies should be willing to accept concerning levels of
surveillance heralded in the name of national security.

He pointed out that if an individual's personal email account, for
instance, was being accessed by a foreign government, it would leave them
in a far less vulnerable position than if their own government carried out
the deed.

“The United States government can touch me,” the audience member said,
addressing the threat of action by law enforcement.

Earlier this month, the American Civil Liberties Union (ACLU) took a stance
involving this very concern on government surveillance.

The group filed a lawsuit against the Justice
Department<http://www.scmagazine.com/aclu-sues-justice-department-to-spur-response-on-surveillance-info-request/article/317230/>
last
Thursday to spur its response in providing information on its
data-collecting tactics.

ACLU filed a *Freedom of Information Act* (*FOIA*) request in late March
seeking records that might show when DOJ evoked the *FISA *Amendments Act
(FAA) to glean data used in criminal prosecutions.
The organization alleged that defendants weren't notified of the
monitoring, a practice that has “shielded warrantless wiretapping from
judicial review." After waiting several months to hear back on the
requested information, ACLU filed the suit in a U.S. District Court in New
York.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.