This week Quora got hacked and the account information of 100M users was exposed. The week before Starwood admitted they were hacked for several years and details of an estimated 500M people were exposed. And then there were the hacks of:
- Yahoo (3B accounts)
- Equifax (143M accounts)
- JPMorganChase (83M accounts)
- Anthem (80M accounts)
- Target (70M accounts)
- Evernote (50M accounts)
Just to name a few. It’s safe to say:
- Your information is out there
- We’ve a major problem
Routinely companies ask for sensitive information and often they need that information. Just think about the HR department of a small corporate who collects SSN info and health care benefits data. If companies this large get hacked, you can bet that these smaller companies get hacked too. Worse is that they probably don’t even realize they are exposing that data. The problem is that as a consumer you’ve no choice in the matter, you’ve to share your data to get access to services.
I don’t think we’ll ever solve the problem that companies get hacked. We might be able to improve the situation, but it won’t make the problem go away completely.
The question is more what we can do to mitigate the need to share sensitive information with companies. Or at least put me in control of how my data is used. Why can’t I link my SSN and its activity to my email and let me approve transactions before they take place? At least, it will give me control. I can’t keep the information from leaking, but I can keep it from being abused.
Hands off please
Personal data ownership as a fundamental right
It’s not just you
Collateral data collection
Collecting data comes with big responsibility
Contrarian view: collecting private data for good
This is what keeps me up at night
Data integrity and privacy