Consumers care deeply about privacy but take few steps to protect themselves. Most Americans want control over their personal data and what is collected about them, yet few change their online behaviors to avoid tracking. Stolen identities and data records are frequently bought and sold on the dark web, with social security numbers sold for just $1. The average cost of a data breach for large companies is $6.5 million. As more devices and records are connected, privacy risks grow substantially without comprehensive privacy laws or protections.

3. 93% of adults say that
being in control of who
can get information
about them is
important
90% say that
controlling what
information is
collected about them
is important

4. Consumers don’t seem to care
90% of Americans want privacy, less than 10% believe they can
get it
91 percent had not made any changes to their internet or cell
phone use to avoid having their activities tracked or noticed
www.geekwire.com/

6. 57%

7. You’d Need 76 Work Days to Read All
Your Privacy Policies Each Year

8. Types of Identity Theft
Malware
Bots
Malicious
Software
Viruses
Worms
Trojan
Horses
Spyware
Rootkits
Keystroke
logging
Hackers
Dumpster Diving
Stolen Wallet
Change of address
Mail Theft
Shoulder surfing
ATM skimmers
/Handheld
skimmers
Overlays
Data Breaches

9. 50%

10. 2 a
day

11.  In the U.S. there are about 50,000 sources
of data for reaching individuals
 a total of about 70 billion records
 about 200 records per individual
The next highest you'll find worldwide is only
about six or seven per person, and that's the
U.K. and Japan

12. According to Gartner, 26 billion connected
devices will populate the world by 2020

14. Dark Web
The Dark Web is one place where stolen information is offered for sale.
Accessible through the Tor network, the underground comprises of stores and
websites entrenched in illegal activities ranging from the sale of data to hacking
tools to drugs and weaponry.
• A Russian crime ring has amassed the largest known collection of stolen
Internet credentials, including 1.2 billion user name and password
combinations and more than 500 million email addresses, security
researchers say.
• And in October 2013, federal prosecutors said an identity theft service in
Vietnam managed to obtain as many as 200 million personal records,
including Social Security numbers, credit card data and bank account
information from Court Ventures, a company now owned by the data
brokerage firm Experian.

15. The price for a simple Social Security number has fallen
to as little as $1.
The price for a medical identity in the US is $20.
One US credit card with a date of birth and Social
Security number: $25
According to BlackOps Partners, a firm providing
counterintelligence and trade secret protection,
corporate espionage costs US companies $500 billion
every year.
© 2014, Forrester Research, Inc.

16. Direct And Hidden Costs Of A
Data Breach
Source: Forrester Research, Inc.
✔
✔
✔

23. What’s it Cost
The average cost of a computer breach at
large companies in the U.S. was $6.5
million.
The average cost per lost or stolen record
in the United States was $217
Ponemon Institute

26. Highest Global Fraud Nations
 35% - Indonesia (all Transactions)
 33% - Venezuela
 25% - South Africa
 11% - Brazil
 10% - Romania
Forter

28. On a Personal note:
When (not if) your identity is stolen
①Place an Initial Fraud Alert
②Order your Credit Reports
③Create an Identity Theft
Report
④Change Your Passwords
https://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf

30. Self-governance has been effective in forestalling privacy
judgments. Will it continue to hold the line against class-
action lawyers, privacy activists, and rampaging
technology?

31.  Telemarketing Sales Rule
 FTC’s Privacy Report: Balancing Privacy and Innovation
 The Do Not Track Option: Giving Consumers a choice
 Making Sure Companies Keep Their Privacy Promises to
Consumers
 Protecting Consumers’ Financial Privacy
 The Children’s Online Privacy Protection Act (COPPA): What
Parents Should Know
Protecting Consumer Privacy
No comprehensive national privacy laws exist outside
ones like COPPA for child privacy rights, HIPAA for
health information, and FRCA for financial data.

32. Will the New Consumer Privacy Bill Protect You?
Bob Sullivan / Credit.com May 1, 2015
A proposed law would beef up your rights when your data is
leaked or stolen.
Leahy has repeatedly proposed legislation since 2005 that would establish a
nationwide notification standard called the Personal Data Privacy and Security Act; it
has not passed.

33. https://www.whitehouse.gov/the-press-office/2015/02/13/executive-order-
promoting-private-sector-cybersecurity-information-shari

34. I think that right now is a dangerous time to be a direct
marketer,” says Jay Edelson. He should know. The
Chicago-based attorney makes his living filing class-
action suits against companies that skirt privacy laws.
Stu Ingis of the Venable law firm in Washington, DC—
ranked by several legal guides as one of the top privacy
attorneys in the United States—brands lawyers like
Edelson as bottom-feeders able to convince courts to
see things in laws that are not there.

35. Get Compliant or…
 Massive AT&T Consumer Privacy Violation
Results in $25 M FCC Penalty (2015)
 $10 M Fine Proposed Against TerraCom and
YourTel for Privacy Breaches (2014)
 For Do Not Call violations, Sprint will pay FCC
$7.5 M (2014)
 Verizon Fined $7.4 M by FCC For Customer
Privacy Violations (2014)

36. Groups or individuals with expertise in
the area of security or privacy are
invited to register their interest at
iot@truste.com

38. Takeaways
There is a business opportunity here
Consumers believe business and the government
is not doing enough to protect their privacy
Consumers are not willing to change their current
habits
Stealing customer information is very profitable
Be aware of the laws and penalties
Businesses need help once a breach has been
identified
No dominant player