Privacy Presentation for SOCAP-3

93% of adults say that being in control of who can get information about them is important

90% say that controlling what information is collected about them is important

Consumers don’t seem to care90% of Americans want privacy, less than 10% believe they can

get it

91 percent had not made any changes to their internet or cell phone use to avoid having their activities tracked or noticed

www.geekwire.com/

57%

You’d Need 76 Work Days to Read All Your Privacy Policies Each Year

Types of Identity Theft

Malware

Bots

Malicious Software

Viruses

Worms

Trojan Horses

Spyware

Rootkits

Keystroke logging

HackersDumpster Diving

Stolen Wallet

Change of address

Mail Theft

Shoulder surfing

ATM skimmers /Handheld skimmers

Overlays

Data Breaches

50%

2 a day

In the U.S. there are about 50,000 sources of data for reaching individuals

a total of about 70 billion records

about 200 records per individual

The next highest you'll find worldwide is only about six or seven per person, and that's the

U.K. and Japan

According to Gartner, 26 billion connected devices will populate the world by 2020

Dark WebThe Dark Web is one place where stolen information is offered for sale. Accessible through the Tor network, the underground comprises of stores and websites entrenched in illegal activities ranging from the sale of data to hacking tools to drugs and weaponry.

• A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

• And in October 2013, federal prosecutors said an identity theft service in Vietnam managed to obtain as many as 200 million personal records, including Social Security numbers, credit card data and bank account information from Court Ventures, a company now owned by the data brokerage firm Experian.

The price for a simple Social Security number has fallen to as little

as $1.

The price for a medical identity in the US is $20.

One US credit card with a date of birth and Social Security

number: $25

According to BlackOps Partners, a firm providing

counterintelligence and trade secret protection, corporate

espionage costs US companies $500 billion every year.© 2014, Forrester Research, Inc.

Direct And Hidden Costs Of A Data Breach

Source: Forrester Research, Inc.

✔✔

✔

What’s it Cost

The average cost of a computer breach at large companies in the U.S. was $6.5 million.

The average cost per lost or stolen record in the United States was $217

Ponemon Institute

Highest Global Fraud Nations

35% - Indonesia (all Transactions)

33% - Venezuela 25% - South Africa 11% - Brazil 10% - Romania

Forter

On a Personal note: When (not if) your identity is stolen

① Place an Initial Fraud Alert

② Order your Credit Reports

③ Create an Identity Theft Report

④ Change Your Passwords

https://www.consumer.ftc.gov/articles/pdf-0009-taking-charge.pdf

Self-governance has been effective in forestalling privacy judgments. Will it continue to hold the line against class-action lawyers, privacy activists, and rampaging technology?

Telemarketing Sales Rule FTC’s Privacy Report: Balancing Privacy and Innovation The Do Not Track Option: Giving Consumers a choice Making Sure Companies Keep Their Privacy Promises to

Consumers Protecting Consumers’ Financial Privacy The Children’s Online Privacy Protection Act (COPPA): What

Parents Should Know

Protecting Consumer Privacy

No comprehensive national privacy laws exist outside ones like COPPA for child privacy rights, HIPAA for health information, and FRCA for financial data.

Will the New Consumer Privacy Bill Protect You?Bob Sullivan / Credit.com May 1, 2015

A proposed law would beef up your rights when your data is leaked or stolen.

Leahy has repeatedly proposed legislation since 2005 that would establish a nationwide notification standard called the Personal Data Privacy and Security Act; it has not passed.

https://www.whitehouse.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari

I think that right now is a dangerous time to be a direct marketer,” says Jay Edelson. He should know. The Chicago-based attorney makes his living filing class-action suits against companies that skirt privacy laws.

Stu Ingis of the Venable law firm in Washington, DC—ranked by several legal guides as one of the top privacy attorneys in the United States—brands lawyers like Edelson as bottom-feeders able to convince courts to see things in laws that are not there.

Get Compliant or… Massive AT&T Consumer Privacy Violation

Results in $25 M FCC Penalty (2015) $10 M Fine Proposed Against TerraCom and

YourTel for Privacy Breaches (2014) For Do Not Call violations, Sprint will pay FCC

$7.5 M (2014) Verizon Fined $7.4 M by FCC For Customer

Privacy Violations (2014)

Groups or individuals with expertise in the area of security or privacy are invited to register their interest at

[email protected]

TakeawaysThere is a business opportunity here

Consumers believe business and the government is not doing enough to protect their privacy

Consumers are not willing to change their current habits

Stealing customer information is very profitable

Be aware of the laws and penalties Businesses need help once a breach has been

identifiedNo dominant player