Thank you for visiting paducahsun.com, the online home of The Paducah Sun.

June 2012
27 28 29 30 31 01 02

Click here to submit an event.

Protecting citizens' personal data a 'no-brainer'

By JIM WATERS The Bluegrass Institute


The Bluegrass Institute

Target Corp. is learning the hard way: The price is steep for retailers who don't protect customers' sensitive financial information.

Target's profits fell a whopping 50 percent during its fourth quarter of 2013 as the result of a massive security breach involving as many as 110 million of its customers' credit and debit card accounts, which began the day before Thanksgiving and extended throughout much of the holiday shopping season.

In fact, the Nightmare before Christmas continues to play as Target provides customers with free credit monitoring and theft protection services and pays legal fees incurred by investigations and litigation.

Profit provides an all-powerful incentive for private-sector businesses to beef up their cybersecurity and respond immediately when computer systems get hacked.

But what is an effective inducement for public agencies to shield sensitive information like Social Security and drivers' license numbers or delicate health data?

Political consequences certainly can provide significant incentives.

South Carolina Gov. Nikki Haley was forced to accept responsibility after digital thieves hacked into her state's Department of Revenue computer servers and swiped tax returns containing Social Security numbers and bank account information involving 5 million individuals and businesses.

States "hold loads and loads of sensitive information - more than any other entity, except - possibly - for a company like Google," said Nathan Cryder, chief policy advisor for state Auditor Adam Edelen.

Edelen is pushing legislation to prevent a South Carolina-like cyber disaster here by requiring state and local government agencies to notify victims of stolen data within 35 days of a security breach. It also requires the Commonwealth Office of Technology to develop a crisis plan and provide cybersecurity training for agencies.

Cryder calls the proposal "a no-brainer."

What's disconcerting is that most Kentuckians probably assumed that such a plan and notification requirements already were in place.

But keep in mind what "assumptions" can make out of us.

Based on her post-hacking comments, it's possible that South Carolina Gov. Haley didn't know about the cybersecurity lapses in her own state, either.

A penitent Haley now is performing what may be considered the gubernatorial version of "community service" by making it her mission to warn other states and federal agencies like the IRS to encrypt the taxpayer data they have been entrusted with.

Encrypting occurs by adding layers of protection so that thieves, even if they successfully hack a computer server, cannot decipher sensitive information without the cryptographic key. These bandits may break into the bank but, without the combination, the money in the vault remains inaccessible to them.

House Bill 5 does not require government agencies to encrypt data. However, isn't it just common sense to do so?

Investigations following the attack in South Carolina revealed the state could have prevented $12 million worth of damage - plus great loss of public confidence in the government - for a $12,000 password encryption system.

An ounce of prevention really is worth a pound of cure.

The cybersecurity bill arrived at the Senate's State and Local Government Committee after sailing through the House on a 99-1 vote. Sen. Joe Bowen, R-Owensboro, who chairs that committee, indicated he supports improving cybersecurity but rightly wants to ensure that state government doesn't force unfunded mandates on local governments.

Bowen should use the committee process to protect local governments, but then also protect taxpayers by doing what 46 other states already have done: pass a breach notification bill and avoid what at least one state, its political leaders and - most importantly - its citizens endured.

If government spending decisions should be transparent to taxpayers, so too should breaches involving personal data they hand over to that government.

It really is a no-brainer.

Jim Waters is president of the Bluegrass Institute, Kentucky's free market think tank.

Comments made about this article - 0 Total

Comment on this article

Your comment has been submitted for approval
captcha 7eb99273c95a47fbad8398903e458d04
Top Classifieds
  • AKC registered Boxer puppies. Born Ju ... Details
  • F1 Golden Doodles M/F, Beautiful,6 wk ... Details
  • CKC Tiny Toy Poodles270-554-4308 Details
  • AKC Lab Pups *3/Black female $375 *1 ... Details
  • RUNNING, fixable, junk vehicles, equi ... Details
  • Details
  • PILLOWTOP Mattress Sets, NEW in plast ... Details
  • MJS Concrete Specializing In:Stamped ... Details
  • NEW 50x60 steel bldg. equipped w/12x1 ... Details
  • SEEING is believing! Don't buy p ... Details
  • Corner Lot, 1 acre Kevil $16,500 2704 ... Details
  • Duplex By Owner 3 BR 1 BA each side ... Details
  • 8 Unit Apt. Bldgs. For Sale By Owner ... Details
  • 1963 Chev. Bel-Air, 2 dr post, 327 5 ... Details
  • Fishing Boat, Motor and Trailer ... Details
  • '13 Nissan Altima SL 34K miles N ... Details
This Week In Photos
Most Popular
  1. Pro-alcohol crowd may someday regret their vote
  2. PROGRESS Publicity helps place some endangered dogs
  3. Head to move from softball to baseball for Livingston
  1. Deschanel marries, delivers baby girl
  2. Cell phones out for hours
  3. Graves woman arrested on DUI, knife charges
  1. Pro-alcohol crowd may someday regret their vote
  2. PROGRESS Publicity helps place some endangered dogs
  3. Paisley to mentor on 'The Voice'

Check out these recently discussed stories and voice your opinion...