A Washington Post article reports that anyone providing email services to you is allowed to read your email:
today the california senate bill SB 1386 went into effect. the bill (now law) makes businesses that store customer information responsible for safe guarding that information from criminals. the law states that if customers personal information (credit card numbers, names, social security numbers, etc.) that is stored on a computer are acquired by unauthorized persons (criminals), then the company in question is responsible for notifying those customers that their information was stolen.
this all seems like common sense to me. if you are a business and i give you my personal information you are responsible for making sure it doesn’t get stolen or used improperly, and certainly if it does get stolen you should tell me about it. the problem is that most business don’t want to embarrass themselves, or gain the bad P.R. that would come from admitting you lost your customer’s information. so instead of admitting they have lost personal information they usually just cover it up, which of course hurts the consummers involved, and leaves no incentive for the companies to actually enact preventative measures, so that it doesn’t happen again.
now with this law companies better beef up security and protect my information, otherwise they will get caught with their pants down, and everyone will know about it.
i first saw this story in the P.D. and what was most shocking was that california is the only state to have such a law. that may soon change though, as U.S. Sen. Dianne Feinstein (D-Calif.) introduced similar legislation to the U.S. Senate a few days ago [press release] , which she is titling the Notification of Risk to Personal Data Act. the bill (S 1350) is similar to the california bill, and would apply to any company involved in interstate commerce, and as most federal laws do, would supersede any inconsistent state laws.
i can see why business or people with business ties would fight this law, i mean it is just bad marketing to announce to everyone that you lost a bunch of sensitive data, but i would have to say tough to those people because this law makes sense, and companies have a responsibility to their customers to inform them of this kind of crime against them.
if you haven’t done so already then go right now to www.donotcall.gov and sign your self up. note: it may take a while for them to send you the confirmation email.
i think this is a good thing for all of us who hate those damn telemarketers, however if you read the documentation you’ll note that there a few exemptions.
also it seems like this would really benefit the telemarketing companies because now they have a list of people not to waste their time or money on. this should save them a great deal of money if they followed this logic, because then they could focus more on the people who might actually buy their crap.
however based on that logic then spammers wouldn’t try and alter their messages so as to not get caught in email message filters marking them as spam, because then they would only be targetting those people that may be interested.
in the end i think we will have to wait and see how effective the national do not call list really is to stopping those annoying telemarketer calls. in any case i think it is a step in the right direction, and i wouldn’t mind seeing something like this for spam.
