Consumers care deeply about privacy but take few steps to protect themselves. Most Americans want control over their personal data and what is collected about them, yet few change their online behaviors to avoid tracking. Stolen identities and data records are frequently bought and sold on the dark web, with social security numbers sold for just $1. The average cost of a data breach for large companies is $6.5 million. As more devices and records are connected, privacy risks grow substantially without comprehensive privacy laws or protections.
Americans Want Privacy but Struggle to Protect Their Data
1.
2.
3. 93% of adults say that
being in control of who
can get information
about them is
important
90% say that
controlling what
information is
collected about them
is important
4. Consumers don’t seem to care
90% of Americans want privacy, less than 10% believe they can
get it
91 percent had not made any changes to their internet or cell
phone use to avoid having their activities tracked or noticed
www.geekwire.com/
11. In the U.S. there are about 50,000 sources
of data for reaching individuals
a total of about 70 billion records
about 200 records per individual
The next highest you'll find worldwide is only
about six or seven per person, and that's the
U.K. and Japan
14. Dark Web
The Dark Web is one place where stolen information is offered for sale.
Accessible through the Tor network, the underground comprises of stores and
websites entrenched in illegal activities ranging from the sale of data to hacking
tools to drugs and weaponry.
• A Russian crime ring has amassed the largest known collection of stolen
Internet credentials, including 1.2 billion user name and password
combinations and more than 500 million email addresses, security
researchers say.
• And in October 2013, federal prosecutors said an identity theft service in
Vietnam managed to obtain as many as 200 million personal records,
including Social Security numbers, credit card data and bank account
information from Court Ventures, a company now owned by the data
brokerage firm Experian.
16. Direct And Hidden Costs Of A
Data Breach
Source: Forrester Research, Inc.
✔
✔
✔
17.
18.
19.
20.
21.
22.
23. What’s it Cost
The average cost of a computer breach at
large companies in the U.S. was $6.5
million.
The average cost per lost or stolen record
in the United States was $217
Ponemon Institute
24.
25.
26. Highest Global Fraud Nations
35% - Indonesia (all Transactions)
33% - Venezuela
25% - South Africa
11% - Brazil
10% - Romania
Forter
27.
28. On a Personal note:
When (not if) your identity is stolen
①Place an Initial Fraud Alert
②Order your Credit Reports
③Create an Identity Theft
Report
④Change Your Passwords
https://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf
29.
30. Self-governance has been effective in forestalling privacy
judgments. Will it continue to hold the line against class-
action lawyers, privacy activists, and rampaging
technology?
31. Telemarketing Sales Rule
FTC’s Privacy Report: Balancing Privacy and Innovation
The Do Not Track Option: Giving Consumers a choice
Making Sure Companies Keep Their Privacy Promises to
Consumers
Protecting Consumers’ Financial Privacy
The Children’s Online Privacy Protection Act (COPPA): What
Parents Should Know
Protecting Consumer Privacy
No comprehensive national privacy laws exist outside
ones like COPPA for child privacy rights, HIPAA for
health information, and FRCA for financial data.
32. Will the New Consumer Privacy Bill Protect You?
Bob Sullivan / Credit.com May 1, 2015
A proposed law would beef up your rights when your data is
leaked or stolen.
Leahy has repeatedly proposed legislation since 2005 that would establish a
nationwide notification standard called the Personal Data Privacy and Security Act; it
has not passed.
34. I think that right now is a dangerous time to be a direct
marketer,” says Jay Edelson. He should know. The
Chicago-based attorney makes his living filing class-
action suits against companies that skirt privacy laws.
Stu Ingis of the Venable law firm in Washington, DC—
ranked by several legal guides as one of the top privacy
attorneys in the United States—brands lawyers like
Edelson as bottom-feeders able to convince courts to
see things in laws that are not there.
35. Get Compliant or…
Massive AT&T Consumer Privacy Violation
Results in $25 M FCC Penalty (2015)
$10 M Fine Proposed Against TerraCom and
YourTel for Privacy Breaches (2014)
For Do Not Call violations, Sprint will pay FCC
$7.5 M (2014)
Verizon Fined $7.4 M by FCC For Customer
Privacy Violations (2014)
36. Groups or individuals with expertise in
the area of security or privacy are
invited to register their interest at
iot@truste.com
37.
38. Takeaways
There is a business opportunity here
Consumers believe business and the government
is not doing enough to protect their privacy
Consumers are not willing to change their current
habits
Stealing customer information is very profitable
Be aware of the laws and penalties
Businesses need help once a breach has been
identified
No dominant player
Hinweis der Redaktion
At least 70 lawsuits were brought against Target within two months of notification.20 By March 2014, this figure grew to more than 90 lawsuits.21 Common reasons cited for damages include actual loss from identity theft, emotional distress, cost of preventing future losses, and the increased risk of future harm