The Equifax data breach has sent shock waves like we’ve never seen before. Some consumers are only now starting to realize the lasting damage and harm that this breach will have on their lives. Thank you for all of your calls and emails. Please continue to send concerned family, friends, co-workers to us at Equifax@Stritmatter.com. Yes – we have heard from folks from New York, Florida, Virginia, Arizona, California, etc.– a former employee of Equifax, data privacy experts, and reporters who are trying to separate fact from fiction.
I promise to write more soon, as I continue to try to respond personally to as many emails/calls as I can. But please let me address one pesky fiction that occasionally rears its head on corporate-leaning media outlets and individual’s social media posts: A class action against Equifax will address a deep-rooted systemic problem that puts all of us at risk. I cannot speak for all lawyers. But please think twice before rushing to judgement against those of us who are committed to advancing consumer rights. I will point to our work in the massive Anthem data breach litigation: Significantly, as a result of the Anthem settlement, they have helped all affected from the breach by holding Anthem accountable. The agreement includes a court enforced term that will hold Anthem to a more rigorous standard in its safeguarding of Personally Identifiable Information (PII). Anthem will have to spend at least $90 million annually on beefing up its cybersecurity practices for the coming years. At minimum, my clients will get awarded between $5K -$15K each. Then, there are dozens of attorneys like myself who have invested countless hours and dollars (yes – pursuing class actions costs money) and we will not want to retire anytime soon. BTW: note that federal law has a strict limit on attorneys’ fees.
Thanks to all of you who have contacted us with your stories, questions and concerns. As with our many other clients, we want to help give you a voice and make sure that you recover from this historic data breach.
Why do people not care about Privacy? Some will offhandedly claim, “I have nothing to hide.” Others will say that big data and government surveillance should not concern those who are law abiding and innocent of wrongdoing. But the problem with this response is that it reveals a lack of understanding regarding the value of privacy. Privacy is not a mere shield or wall to hide certain details about us from others. The concept is not reducible to single acts of intrusion or violation of one’s personal sphere. To think about Privacy in terms of someone peering into your window to watch you with your family is to focus on only one tiny strand of tapestry or one grain of sand in a beach.
Think of the value of Privacy this way: If you drank one glass of lead-laden water from Flint, would you see a quick path to cancer or any other potentially deadly disease? Probably not. But the problem for those in Flint was that they drank water contaminated with lead for years. The cumulative effect, the acts taken in the aggregate were what caused so many in Flint to suffer irreversible health problems.
This is the same way the Privacy violations harm each of us and our society as a whole. The information collection, aggregation, insecurity, increased accessibility and decisional inferences/interference (“decisional interference” was coined by Prof. Daniel Solove).
While nebulous, Privacy is important because it affords individuals a basic amount of autonomy and control over facts and details that make each unique. In the aggregate, “big data” seems harmless. But as we have seen, there are many ways to hack and identify personally identifiable information (PII). When the PII and/or valuable data sets of individuals get in the wrong hands, one loses control over their finances and their digital existence. One of my data breach clients suffered and continues to see fraudsters obtain lines of credit, obtain a Washington State driver’s license, and so on. Folks: This is NOT Privacy Paranoia. It is a well informed fact that we need to care about how our PII is disclosed and safeguarded.
Most people do not realize how their data is getting sold in myriad forms either legally or illegally. I will talk about this more in future posts. That private data has value in virtually every imaginable industry. If it matters to others, it certainly should matter to you. At the very least, to value your Privacy is to value control over the information that is accessible about you. If you don’t care about having that minimal amount of control, then feel free to broadcast your SSN along with all of your family’s SSNs and dates of birth.
Tomorrow, January 28, 2016, is Data Privacy Day. Big deal? It actually is: The first Data Privacy Day that occurred in the United States and Canada was in 2008, which was observed as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981 signing of Convention 108, which was the first legally binding international treaty dealing with privacy and data protection.
Now led by the National Cyber Security Alliance (NCSA), Data Privacy Day has become the signature event promoting privacy awareness. Without committed defenders of privacy, like the Electronics Frontier Foundation, we would not have seen a complaint filed with the FTC against Google for unauthorized collection of school aged children’s information, when they are using Google Apps and Chromebooks in their schools. Google’s unauthorized collection of personal information from school children via Chromebooks and Google Apps for Education (GAFE)—caught the attention of Senator Al Franken, a ranking member of the Senate Judiciary Subcommittee on Privacy, Technology and the Law. Franken responded by writing a letter to Google CEO Sundar Pichai asking for information about GAFE’s privacy practices.
The first step to ensure that our student privacy campaign succeeds, is to educate ourselves as parents. This way, we can direct our energy and knowledge effectively. On this Data Privacy Day, take the time to check out the resources that the Electronic Frontier Foundation compiled to regain control of your children’s privacy. Please spread the word about student privacy by sharing these and similar resources with other parents!
I can’t emphasize enough how important it is that parents understand their and their children’s rights. We live in a world where parents may be asked by schools to waive those rights before their youngsters are permitted to use technology in the classroom. Third parties will too often encourage parents to give schools consent to release their children’s information to those very third parties.
Interested in becoming part of the “privacy defender team?” There are many ways in which you can get involved.
- Create a culture of privacy at your organization.
- Own your personal online presence.
- Share your privacy knowledge with your local communities.
- Attend a Data Privacy Day event.
- Become a Data Privacy Day Champion.
Can you imagine a world without Google? I can’t.
I have a Droid phone as well as an iPhone. But everything tethers to my Google world — contacts, maps, videos, etc.
It wasn’t always this way, but internet marketers (including Google) have figured out that the key to making money off of content is via online profiling and highly targeted advertising. If you Google something or shop on Amazon, do you notice how your latest online shopping follows you to online news sites, your gmail, yahoo mail, etc? That’s how sophisticated online marketing has grown. (As I mentioned elsewhere, I too used to work in the online marketing/high tech world. We would hear concerns about privacy, but needed to tune them out to figure out how to get the most bang for our clients’ marketing/advertising dollars.)
Finnish security researcher and chief research officer Mikko Hypponen tried to vow a life of unGoogleness. After all, he understood his privacy was threatened every time he broke his vow. But, try as he might, he couldn’t.
Hypponen spoke at a WSJ technology conference, WSJDLive, openly confessed that the Internet has evolved into a privacy nightmare because of the users’ reliance on “free” services. (I will talk more about “free” and sex in an upcoming blog post.)
“I really tried getting rid of Google,” he said. “You can’t avoid Google. We are way beyond that.” True that.
Let me know if you’ve succeeded in upholding the vow of nonGoogleness. I’d love to know how you did it!