Messaging Newswire
Follow Us on Twitter
Facebook Page
Google Plus Page
RSS feeds
Comments on LegalTech
Widgets & RSS FeedsSpent the day at LegalTech West in Los Angeles on Wednesday. Lots of interesting technology, but an absence of archiving vendors exhibiting at the show (the one archiving vendor on the list actually gave their booth space to a business partner), largely because of the attendee focus being legal (obviously) and not IT. In 2009 there was one archiving vendor on the show flow and in 2008 there were two.
There was an interesting keynote from David Lazarus, a columnist for the LA Times. He was quite vocal on the topic of privacy, having been the victim of identity theft—his Social Security number had been used for nine years before he found out about it, and that by accident. The US government would not notify him because of the privacy “rights” of the individual who was using his SSN under false pretenses.
Some of his points:
- David believes that accountability has to rest with the deepest pockets—the person to whom individuals have given their confidential information. That would force information holders to ensure that their contractors will comply with privacy requirements.
- Is the hidden price of cheaper computing less privacy? David believes that, as consumers, we don’t care about privacy as much as we care about saving money.
- David believes that the problem with notification laws is that the company that lost your information is the one that decides if a threat exists—if they don’t think it’s a problem, they don’t have to notify you.
- He proposes a $1,000 per record fine for data breaches to impose some accountability on information-holders. Because accountability is critical for data management, particularly in a cloud environment, the only way to impose this accountability will be with enormous penalties for data breaches.
David raised an interesting issue—would a $1,000 fine per record breached actually make information-holders more accountable? Would this be more effective than the current data breach notification laws that are in effect in 46 of the 50 US states? While such a fine would certainly motivate companies to implement encryption and other safeguards, is a $1,000 fine excessive given that most data breaches—e.g., a lost laptop—actually don’t result in any financial loss for the individuals whose information was lost?
