FindLaw columnist Eric Sinrod writes regularly in this section on legal developments surrounding technology and the internet.
If press reports are to be believed, personal data on 207,000 army reservists potentially have been compromised as a result of laptops that were stolen recently from the offices of Serco Inc., a government contractor. Apparently, the data was contained on a CD-Rom that was inside of one of the laptops that were stolen. That disc is said to contain information such as the reservists' names, addresses, Social Security numbers, and probably information relating to the spouses and dependents of the reservists.
The U.S. Army Reserve Command reportedly has begun sending letters to the reservists that explain the security breach, apologize, and state that measures will be taken to prevent this type of occurrence from happening again. The letters are said to assure that going forward there will be additional training provided to personnel to make sure that they comprehend that personally identifiable information always must be safeguarded to protect the confidentiality of the data.
Of course, an apology and a promise to do better in the future might be little solace to those reservists whose personal data actually has been compromised as a result of this particular failure. And one has to wonder why sufficient confidentiality measures were not already in place to protect the private data of the reservists.
The expression "good enough for government work" should not apply when it comes to protecting personally identifiable information of individuals and their loved ones. Once private data has been compromised and exposed, it is very difficult, if not impossible, to make that specific data private again.
- Data Security Breaches Cost Real Money (FindLaw's Technologist Blog)
- Microsoft's Danger and T-Mobile Sidekick Users' Data (FindLaw's Common Law Blog)
- The Cost of Data Breaches: It Ain't Cheap! (FindLaw's Technologist Blog)
Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP(http://www.duanemorris.com) where he focuses on litigation matters of various types, including information technology and intellectual property disputes. His Web site is http://www.sinrodlaw.com and he can be reached at firstname.lastname@example.org. To receive a weekly email link to Mr. Sinrod's columns, please send an email to him with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author's law firm or its individual partners.