Today, we issued a news release celebrating Data Privacy Day, an initiative of the International Association of Privacy Professionals. In that release we made the assertion that “We have seen a proliferation of identity theft and spam as well as a tripling of reported data breaches around the world last year” – based on an analysis of data breaches first reported in USA Today, and similar reporting by the Associated Press.
“Dissent,” who blogs at pogowasright, contacted me to question that analysis. Dissent’s dissection of the claim that breaches have tripled can be found here and here. His/her email suggested that maybe we were thinking of the records revealed as a result of breaches?
I think we can all agree it is hard to track whether a data breach has occured, unless it is then reported in the media. Dissent’s analysis seems to make sense.
At the Office of the Privacy Commissioner, however, we are certain that there were a number of remarkable data breaches in 2007 – in Canada and abroad.
Whether we are talking about breaches themselves or the records they revealed, there were millions of personal records exposed because of poor record handling, inadequate security, lax staff procedures and disregard for privacy agreements.
And that has to change.
But we still appreciate Dissent for paying close attention. We need more like him/her.