Let’s get a national breach notification requirement once and for all

October 10, 2018 by Henry Meier, State of Mind

If Watergate taught us anything it’s that the cover-up almost always ends up being worse than the crime. Apparently the wunderkind who run Google were apparently spending too much time programing to absorb this basic lesson of history. On Monday they announced in this incredibly cryptic blog that the personal information of hundreds of thousands of users had been compromised.

So what Henry? Data breaches have become as common place as political rancor. What really is going to get Google in trouble is the cavalier way in which it decided to withhold information from the general public, correctly concluding, according to the Wall Street Journal that the legal liability it faced for disclosing the breach was more than outweighed by the PR hit it would take. Ironically, its actions underscore precisely why it’s time to have a clearly articulated federal standard for reporting data breaches.

As a citizen who can’t avoid using Google even if I wanted to, I deserve to know when my personal identity is at risk. And as a lawyer who advises organizations that have to often clean up the messes caused by data breaches, it’s time to have clear rules of the road. Right now there is too big of a divergence between doing the right thing and what is legally required.

Let’s get a national breach notification requirement once and for all

Featured

Order ahead, stay ahead: Exceeding member expectations

Paul Simon’s lyrics: Lessons in leadership

Catching members on the way up

The CUInsight Network podcast: Advancing leadership – DDJ Myers

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!