The only way to control today's identity theft epidemic is for consumers, Congress and corporate America to team up.
Jim Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies in Washington, D.C., today told a panel of security experts from eBay, eTrade, RSA Security, Forrester Research and BITS that protecting data is a shared responsibility. "Consumers have to become more perceptive about risks, but companies that use and hold data have a greater responsibility to put procedures and safeguards in place," he said. "Government's responsibility is to make sure this happens and to prosecute the criminals."
The panel, held Friday morning in the nation's capitol, addressed the recent rash of data thefts from Bank of America, LexisNexis and ChoicePoint that has left consumers scratching their heads about who is supposed to protect their confidential information.
Those in the security industry have long debated the question of responsibility, and it now appears that though consumers may play a limited role in data protection. Bruce Schneier recently said that consumers can't be expected to keep their passwords secure or their computers virus-free, and so can't be part of the solution.
That didn't set well with Lewis. "How about a traffic system where we remove white lines, stop signs, stop signals and speed limits and rely on driver education?" he argued in a subsequent interview. "Consumer education is a part, but only a small part, of better security. We need the rules and technologies in place that will take the burden off consumers."
Read this full article at SearchSecurity
Powered by AkoComment! |
