In Depth
Privacy Policies: Serving Up Your Customers
The privacy debate is nothing new. But it will heat up as the lines between security and privacy blur.
By Meg Mitchell Moore
JetBlue is mum on the subject of exactly why it ignored its own privacy policy and turned over the customer information to Torch Concepts, but a press release on the company's website says that it did so "at the special request of the Department of Defense." Responding to such requests, privacy experts say, if indeed they occur, is likely to do more harm than good.
"There isn't just one big soup of data out there that should be interchanged between private companies and the federal government," says Harper. "Companies aren't helping national security very much when they do share data with the federal government, and they are certainly hurting the privacy and civil liberties of their customers."
Companies, for their part, might see it differently. "In the United States, I really haven't found a company that has a problem sharing information with the federal government when specifically asked," says Dave Miller, CSO of Covisint, a business-to-business service provider for the global automotive industry. And, although Covisint's position in the B2B world means that it doesn't collect and store personal information about individuals, Miller's interactions with international companies have made him painfully aware of the different ways Americans and Europeans view privacy (see "Across the Pond," Page 36). European customers, Miller says, want to know what would happen if the U.S. government ever presented Covisint with a subpoena. Would Covisint give up data? "We'd have to," says Miller. "And so the European companies say, 'Help us figure out a way so that answer to that is no.'"Zealotry May Get You SomewhereSpend some time on a privacy activist website at www.dontspyon.us, and you'll see that some customers don't take kindly to having their information given out in the name of national security. The website happily hauls over the coals companies that its founder, Bill Scannell, thinks have violated the privacy rights of consumers. Among recent targets of his wrath are Delta Air Lines and data vendor Galileo International, both of which reportedly agreed to cooperate with the Transportation Security Administration's testing of Capps II, a passenger screening system designed to identify potential terrorists.
"There are so many claims of national security this and national security that, but all I see is our country becoming less and less safe with more and more information floating around," says Scannell. "Is it good to be on good terms with the feds? Absolutely. Does that mean you have the right and the responsibility to do something of [JetBlue's] magnitude? Absolutely not."
privacy policies
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
