Tuesday, February 13, 2007

Too bad TJMX wasn't an ISP

According to SANS: "US Congressman Lamar Smith (R-TX) has introduced the Safety Act, which
would require Internet Service Providers (ISPs) to retain all customers' web surfing, IM conversations and email traffic indefinitely. ISPs failing to comply would face fines and a one-year prison term."
See: News story.

The point of the legislation is to facilitate investigations by law enforcement. However, this is potentially another slap in the face of privacy.

But on another note, have Smith and his supporters not been paying attention to what's been going on in the financial industry? TJ Maxx is in trouble for holding onto data that it did not need, and that it was legally bound not to. Holding on to masses of private data "just in case" is a recipe for disaster. Rarely will that data be utilized for the "just in case" scenario that it was intended to be kept for. It is more likely that such data will fall into the wrong hands and be utilized for nefarious purposes.

Representatives Bobby Rush (D-Ill.) and Cliff Stearns (R-Fla.) do get it. Last week they introduced the Data Accountability and Trust Act, which would authorize the Federal Trade Commission (FTC) to establish data privacy requirements for businesses. Companies would be required to conduct vulnerability assessments and develop and implement policies for eliminating data they no longer need.

Mr Smith's family obviously did not have any dealings with TJ Maxx. Or maybe he's just a narrow minded idiot. ... Or MAYBE it really wasn't Smith who sponsered this bill, but someone who stole his identity and is promoting this ridiculous legislation in his name to ruin his reputation!

No comments: