| Presentation Title | Privacy Breach Response: What happens if personal information leaks out? |
| Most societies concerned about privacy want to avoid privacy breaches -
improper disclosures of personal information without the consent of the
person who is the subject of the personal information. Strategies for
avoiding privacy breaches include solid data security practices, as well
as minimization, anonymization and short-term retention of personal
information. Legal strategies such as personal data handling standards
and contractual agreements can also help avoid privacy breaches.
In the US, legal liabilities may accompany privacy breaches. Statutes often require notice to those whose personal information has been lost or compromised. In addition to reputation harm, monetary damages may be imposed for privacy breaches. This distinctive treatment of privacy breaches as matters of legal liability is not necessarily more effective in actually protecting against privacy breaches than reliance upon shared societal norms respecting individual autonomy. Privacy breach notification and liability are not required in most nations. For example, in the UK, under legislation carrying out the EU Data Protection Directive, privacy breaches are normally resolved by the Information Commissionerfs Office. In other nations, such as Japan, which have neither privacy breach notification requirements nor a centralized privacy enforcement agency, privacy breaches are not so much treated as legal problems, but rather appear to be treated as deficiencies in individual or corporate social responsibility. |
|