Recently I was approached by a person that requested my services with regards to the retrieval of third party information and confidential data from a database that is still available to the public. The data did not belong to the person and although it was offered freely over the Internet I doubt whether the ‘professional’ offering the data intended to share it with the world.
I obviously declined the offer of dubious employment and went to the trouble of attempting to alert the ‘professional’ in question to the fact that confidential customer data is accessible from the public network. I was told that I have to make an appointment then I can come in to see the person that I have speak to. Is arrogance worse than ignorance? Are other ‘professionals’ also so laissez faire with data in their confidential custody? Surprisingly, yes they are.
Very few Doctors, Lawyers, Estate Agents and others really care about the security of your data.
We need additional consumer protection for our data and to be able to punish and prosecute those that endanger our digital well being.
If the Techno Revolution has not yet instilled the fear of God into my very marrow, I was again reminded that you have to be afraid, very afraid.
Professional People do not update their operating systems, have outdated or no firewalls, run ADSL routers with username admin and password admin, to name but the most basic and completely obvious security mistakes.
Would these same professionals leave their pimped out BMW in the middle of an impoverished area unlocked and with doors wide open? No, but see it is not their data so what do they care if identity thieves, criminal syndicates and God knows who else retrieves their customer and other peoples data?
Inorance of the law is no excuse so the ECT Act should be amended to make these ignorant ‘professionals’ liable under criminal prosecution for their flagrant disregard of information in their confidential custody.