Privacy
July 14, 2014
Do business, hackers and government know too much?

Concerns are growing among consumers, watchdog groups and lawmakers over whether Americans’ personal online data is safe. The issue was thrust into the spotlight with Edward Snowden’s revelations last year of the National Security Agency’s domestic surveillance efforts. It continued with news of a data breach at the Target department-store chain that was among the largest in corporate history. The White House, Congress and state governments have responded to the public concerns, as has the private sector to a lesser extent. The Obama administration recently conducted a review of how business and government mine “big data” and proposed several new laws and amendments to others. Congress also is taking steps to rein in the NSA’s power and exploring other private-sector solutions. At least 19 states are considering measures to further protect data privacy.

Former NSA contractor Edward Snowden triggered one of the
            decade’s biggest privacy controversies in June 2013 when he exposed details of the
            National Security Agency’s electronic eavesdropping. (Getty Images/Sunshinepress)   Former NSA contractor Edward Snowden triggered one of the decade’s biggest privacy controversies in June 2013 when he exposed details of the National Security Agency’s electronic eavesdropping. (Getty Images/Sunshinepress)

For Americans going online, these can be unnerving times. Hackers have become increasingly adept at siphoning credit-card numbers and other personal data, while companies are vacuuming details that can be used for marketing products. Revelations about government harvesting of sensitive information, in particular electronic snooping by the National Security Agency (NSA), have prompted additional alarm. And activists are resisting the education community’s efforts to create student databases.

A recent Government Accountability Office (GAO) report found the number of information-security incidents in which personal information was involved has more than doubled over the last few years, exceeding 25,000 in fiscal 2013.1 Incidents have increased in scope as well as in number. In November and December, Target Corp. was hit by what is believed to be the biggest hacking of a retail company in U.S. history. Thieves installed “malware” — malicious software — in Target’s security and payments system. The software was designed to steal every credit card used at the company’s 1,797 U.S. stores. As many as 40 million credit-card numbers were stolen.2 Two other infiltrations around the same time also drew widespread attention: A hack of retailer Neiman Marcus’ computer system exposed as many as 350,000 customer credit card numbers.3 And Adobe Systems revealed that its corporate database was breached, exposing up to 38 million usernames and encrypted passwords.4

RELATED REPORTS