If you haven't heard about it yet, Epsilon, a company that stores consumer information, had a huge security breach and millions of email addresses connected with names were exposed to a third party [LINK] Now, as for myself, in the past few days I've received a ton of email notifications from various retailers and financial institutions telling me I should now be wary because of this breach. Epsilon insists that none of the emails and names were connected to financial data or personal data like social security numbers, but how much of that is certain? At the very least, people on that list will now start getting a lot more spam. This makes me think about privacy, and how much we expect from large companies who are charged with protecting sensitive data. Look at social media sites like Facebook, where every bit of data is gleaned and stored, and then sold to third parties. People say "don't put your information out there for others to see", and for social sites like Facebook and Myspace, that's true, but for companies like U.S. Bank, Target, Best Buy, collegiate institutions, what do you do there? If these third parties didn't get access to CC# and SS# info, how close were they? How well protected is that information? As a note, I'd like this to be in Misc instead of Sci/Tech because I'm focusing more on the social aspects of it, not just the technology aspects of it. So, what are your thoughts?
I think people should be able to sue these companies(I don't know if they can or not) I also think that all of this stuff has gotten out of hand. Maybe some legislation is needed to protect against the "protectors". Who watches the watcher?
You could sue for negligence .. they would have to prove that they did everything that would be reasonably expected of them to protect the data. BUT! You haven't sustained a loss and you haven't been harmed. I don't see you getting much of a payout.
I am not a lawyer. I am sure a good one would find a way to sue. That said, I would have thought either direct financial loss (your money is stolen), damage or loss to your property, or injury to yourself, would be the only things you can sue for. Illusionary things like 'privacy' deserve illusionary payouts.
I'm not a lawyer either, but I'd imagine a class action suite since so many people are involved. Maybe you can sue for damages, breach of trust or contract. Since you are entrusting these companies with your info, you are in a contract with them. They have to be held responsible some how. Maybe there should be and FDIC type thing for this. If it happens enough, hopefully State legislatures will start coming up with something. Like I said, I'm not a lawyer, just throwing ideas out there.
Me knowing your email address doesn't make it a contract, but me providing you with a service certainly does and whatever the terms and conditions of my looking after your private data is would form part of that contract.
I could see that. I wonder if it would work? Privacy isn't supposed to be an illusion. Someone can't tear down your door to your home and enter legally without your express permission. Well, yes and no. There are usually fine print clauses for companies that collect your data and store it in third party servers. An FDIC type service would only work to recover your lost data, it probably wouldn't help in any other way.
I've done it when the men's room was closed, yes. Might be different in your country. I don't know. What does this have to do with the issue of who has your email address?
Gaining access to something in which you are not permitted to gain access. Trespassing. Stealing. Invasion of Privacy. In the U.S., it's protected by the 4th and 5th Amendments to the Constitution.
You've bought into the cultural delusion that signage matters. Or are we back to talking about email addresses? I'll assume you are. - Gaining access to something in which you are not permitted to gain access. Way too fuzzy to be illegal. - Trespassing. Obtaining a copy of your email address is neither trespass to the person nor to any real property. You can't trespass on intellectual property. - Stealing. It would be stealing if I hijack your email address. Merely knowing what it is - no. - Invasion of Privacy. Well, if that is law, then it's law. My concern is more that 'privacy' doesn't exist in any real sense. So how can someone invade it?
That's interesting. Just yesterday, I noticed that my Hotmail "Junk" folder seemed to be filling up more quickly than usual. It might just be coincidence, but it makes you wonder.
Privacy is protected under the 4th and 5th amendments to the U.S. Constitution. Epsilon is a U.S. company. Data storage is a vital part of commerce, and it all comes down to trust. Epsilon is trusted to keep private data safe, particularly if it's third party processing data that involves credit cards and home addresses. The reason this is a concern, is because while Epsilon states no personal ID was stolen, how can I trust that to be so? I also strongly disagree that you can't trespass on intellectual property. You can. It's called "plagiarism" and "infringement". I wouldn't doubt it has something to do with that. Epsilon stores massive numbers of email addresses along with other processing information. I just got an email from Walgreens this afternoon. This makes number 9 for me regarding this issue with Epsilon. My spam folder has tripled it's normal storage since the other day.
I got an email from Hilton, telling me their database was managed by Epsilon and may have been compromised by this breach. That's the only email I've had about it. I haven't noticed an upswing in spam, at least not yet. Fingers crossed I got lucky. Funny thing is, I haven't even stayed in one of their mediocre hotels for years, but I guess my email is still on their HHonors database. I wonder if I have any points left after this time; IIRC they got removed after a year or so, so I'm surprised my account hasn't been wiped. Probably been busted all the way back down to Blue instead. As long as only email addresses have been accessed, I can't say I'm too bothered.