Security and Personal Information
The United States is unique in its approach to defining laws for protecting personal information in that there is a deliberate attempt to balance the rights of individuals to protect personal information and the rights of employers to monitor the use of their electronic communications networks including e-mail the access to the Internet (Doss, Loui, 1995). In attempting to balance the rights of citizens to privacy of how their data is accessed and used, the U.S. Federal Government has passed a multitude of laws including the Computer Fraud and Abuse Act (CFAA), the Digital Millennium Copyright Act (DMCA), and the Wiretap Act, all aimed at protecting the personal information of Americans from unauthorized use
(Breaux, Anton, 2008). These laws are debated daily in state, appellate and federal courts by citizens who feel their rights have been infringed on by employers, direct marketers who mine personal data an buy data illegally, and also identity thieves who seek to use others' credit to get anything they want.
Clearly not is being enough however in the context protecting personal information for employees and for the public. When identity thieves can purchase social security numbers online and attempt to use them to get credit cards, the entire legal system around individual rights is still flawed. There in fact needs to be more of an auditable, verifiable process for the use of social security numbers in the context of a purchasing transaction there is today. The validation of a citizen needs to also be regularly audited to make sure that a person's identity is not stolen or at the least, used to obtain credit or products illegally.
From an employer's perspective it is critically important to have laws in place that limit their liability for data sent over their networks and e-mail systems. The litigation surrounding the transfer of personal data over e-mails is growing at an exponential rate (Doss, Loui, 1995). There needs to be however more efficiency put into the process of validating just what is personal vs. professional mail, with a more insightful series of policies put in place to define acceptable use of e-mail and communications systems (Breaux, Anton, 2008).
Clearly, being able to guard against personal data of employees being accessed, sold or used in any way needs to have even more stringent rules associated with it (Breaux, Anton, 2008). The fact that so many companies today have their employee database compromised and then selectively sold off to telemarketers, it is clear that higher penalties need to be put into place for it professionals who either have lax security in place to allow this to happen, or unfortunately make the terrible mistake of thinking this is a way to make extra cash. As has been seen from the cases of overt theft of employee data, it has not been motivation by retribution but by the need for finds.
You’re 83% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.