September 01, 2008

Private Data (or Personally Identifiable Information) Definition

Data Leakage Law

The key to avoiding liability for data leakage is due diligence. As a broad generalization, the law of data security rewards those who are diligent, who exercise due care to prevent a compromise of privacy. Hence, if a data holder is diligent, but still suffers a mishap, it is less likely to be held legally liable when a data subject decides to sue.

For example, Guin v. Brazos Higher Education held a loan processor was not liable for a compromise of data security, in part because the processor had taken reasonable steps to protect the data (including a written security policy and risk assessment).

Reasonable steps, or due diligence, can include application of latest technology, such as filters that inspect outgoing data transmissions and scrub or block those that appear suspicious.  An e-mail filter would have been helpful to the Palm Beach County health department when an employee inadvertently broadcast a list of HIV/AIDS patients to 800 county employees.

When employing such filters, however, an issue is to know what to filter.  Obvious targets for filtering are Social Security Numbers and credit card numbers. But privacy is a context-specific abstraction. To understand which data are and are not private, organizations have to be sensitive.  For example, a person’s name plus postal address are normally not considered private.  That information is commonly published in directories like telephone books. However, as one of my SANS Institute students taught me, a public housing authority is wise to consider the name plus postal address of its residents to be private. The reason is that some residents are sensitive about living in public housing, and consider their postal address (at a public housing location) to be private!

Update: Netflix (the movie rental company) learned how context-specific PII can be.  Netflix gave "anonymized" data about the viewing interests of its users to researchers so they could help develop better algorithms for suggesting to users new movies they'd like to see.  But academics have shown that most any information about a person (such as movies watched) can be used to identify the person if it is matched with enough context (data on time, location and so on are good examples of context that can turn anonymized data into PII).  So Netflix’s research project drew a lawsuit saying the data it exposed to researchers was actually PII.  The project also attracted attention from government watchdog Federal Trade Commission.  Netflix settled the lawsuit and ceased that particular line of research.

--Benjamin Wright, computer security law instructor for SANS Institute (CLE and CPE).

Sep 1, 2008 11:45:27 AM | authority, breach, CLE, county, data break-in, data leakage law, data security, department, filter, information security, SANS, scrub, security breach, social security numbers, sue

The comments to this entry are closed.

NEXT POST
E-Discovery Strategy, Search & Artificial Intelligence E-mail Archive Policy In a legal dispute, you want as much of two assets as you can get – evidence and brainpower. You want evidence to supply facts so you can understand and support your side of the case. And you want good analysis and judgment so you can assemble the best arguments and make the best decisions about how to manage your case. Since e-discovery affects both evidence and brainpower, it is revolutionizing litigation and, more generally, all manner of investigations (whether they be investigations of bribes, kickbacks, corruption, espionage, overcharges, misallocation of funds, abuse of power, breach of trust or any other misconduct). Litigation Dynamics A lawsuit today is not your father’s lawsuit. The advent of electronic records like e-mail causes the quantity of records potentially relevant to a lawsuit/investigation to swell beyond imagination. In any dispute, this profusion of records opens vast opportunity to those able to exploit it. Smart litigants today (a) welcome oceans of records, and (b) seek advanced analytics and artificial intelligence to glean from those oceans the best...
PREVIOUS POST
E-mail Litigation Hold in Local Government Costly E-Discovery in Backup Tapes Commonly a public agency destroys e-mail relatively quickly, while expecting individual administrators and professionals to keep needed records as a special exception. Then, when hit with a lawsuit, the agency assumes individual employees can be told to save e-mails that are relevant to the lawsuit. But this approach is not faring well in court, in good part because employees are not talented at keeping records. The approach can lead to sanctions in court, or a requirement that the agency undertake the expensive task of digging through network backup tapes. Consider for instance the plight of the Washington Metro Transit Authority (District of Columbia region). A civil rights group representing disabled passengers sued the authority, alleging it provided too few para-transit services. When the litigation started, the transit authority implemented a “litigation hold”. It told employees such as engineers to keep relevant e-mails. (In practice this meant employees would sequester selected e-mails in PST files.) The authority did not have a central facility for long-term archival of e-mail. Its central e-mail...

Benjamin Wright

Attorney Benjamin Wright helps others navigate the law of technology.

The Typepad Team

Search

Become a Fan

My Other Accounts

Recent Comments