Federal Trade Commissioner (FTC) Orson Swindle had some strong words recently for business leaders attending a meeting on cybercrime convened by the Business Software Alliance and the Center for Strategic and International Studies (as reported in National Journal’s Tech Daily [subscription req'd]):
Swindle said Congress’ current obsession with attacking the explosion in identity theft was misplaced.
“It’s not identity theft — it’s theft of information,” he said.
However, as pointed out in a NY Times article today, many of the activities from which current privacy concerns arise aren’t theft at all:
[...] The Johns Hopkins project was conceived by Aviel D. Rubin, a professor of computer science and the technical director of the Information Security Institute at the university. He has used his graduate courses before to expose weaknesses in electronic voting technology and other aspects of a society that is increasingly dependent on – and at the mercy of – digital technology. “My expectations were that they would be able to find a lot of information, and in fact they did,” he said.
Is the real worry unauthorized access to or misuse of personal information (e.g., ID theft, fraud, etc.), or is it the fact that there seems to be so much personal information out there for the taking (or aggregating) in the first place?
There are many nuances and distinctions here, and one hopes that policymakers are aware of and will consider them. In any case, Commissioner Swindle and his FTC colleagues are sure to play an integral role in implementing any related regulatory provisions that work their way through the legislative process this year.
We will, of course, keep you posted.