The New Vulnerability: Data Security and Personal Information
SECURING PRIVACY IN THE INTERNET AGE, Radin & Chander, eds., Stanford University Press, 2008
27 Pages Posted: 30 Aug 2004 Last revised: 27 Feb 2014
Date Written: August 9, 2011
Abstract
This book chapter was originally written for a conference on privacy and security at Stanford Law School held in March 2004. The chapter argues that abuses of personal information are caused by the failure to regulate the way companies manage personal information. Despite taking elaborate technological measures to protect their data systems, companies readily disseminate the personal information they have collected to a host of other entities and sometimes even to anyone willing to pay a small fee. Companies provide access to their record systems over the phone to anybody in possession of a few easy-to-find pieces of personal information such as Social Security numbers, birth dates, and mothers' maiden names. Reforming this problematic state of affairs requires a rethinking of the way the law comprehends the abuse of personal information. The law fails to focus on the causes of information abuses; instead, it becomes involved when information misuses such as identity theft actually occur, not earlier on in the process. If the law addressed information leaks and insecurity, it would more effectively curtail abuses.
Keywords: privacy, security, identity theft, Social Security numbers, data
JEL Classification: K10, K13, K20
Suggested Citation: Suggested Citation