On November 30th, Marriott announced that a guest reservation database on the Starwood side of its business had been breached. Initial reports indicated that upwards of 500 million individuals were affected. The stolen data includes quite sensitive information, such as guest passport details and, likely, payment card information. Although it will probably take time before we fully understand the details of the incident – which appears to have continued unabated since 2014 – there are lessons that we can learn from the details already in... more
$4.8 million. That is an impressive class-action settlement number, particularly when you consider that the automated calls and texts triggering the litigation and settlement arose from a single auto dealership. The auto dealer allegedly (link to complaint) violated the federal Telephone Consumer Protection Act (TCPA) by engaging a third party to deliver ringless voice and text messages to the cell phones of prospective buyers. Beyond the lessons learned by this individual business, the broader message for all organizations is a.) that it continues to be... more
A recent Harris Poll surveyed adults on the topic of corporate social responsibility and found, not surprisingly, that a majority of those asked stated that companies should – or perhaps “ought” – to have a mission beyond profit. What was surprising is that data privacy surpassed healthcare or even supporting veterans as the social issue that people most want companies to address. This follows an April 2018 poll sponsored by IBM evidencing deep concern among consumers about data security. Specifically, 73% of respondents indicated that businesses... more
Organizations of all types are increasingly subject to data theft and loss, whether the asset is customer information, intellectual property, or sensitive company files. The federal government and, thus, its private contractors have long relied upon the National Institute for Standards and Technology (within the Commerce Department) to develop standards and guidance for information protection. One of the most important of these is the fairly recent Cybersecurity Framework, which helps provide structure and context to cybersecurity. Private-sector organizations should be motivated to implement the NIST... more
As consumers, when we think of privacy, one of the first adjectives that springs to mind should be “inconsistent.” Consumers claim to want their personal information used only for the purposes they originally provided it, and protected until (somewhat famously) they are asked to exchange their passwords for chocolate. This privacy paradox has been supported both anecdotally and with data-based studies. Without biting into the question of the quality of chocolate offered in the password exchange, the general point remains that individuals’ comfort levels appear... more
Welcome to the eBriefcase Management Center. As you assemble your personalized eBriefcase, you may drag to reorder or delete items. Once assembled, you can create a PDF of your eBriefcase.