Cracking the online dating code
It recently unveiled the fourth annual Online Trust Honor Roll, measuring the security and privacy best practices of 1,200 e-commerce, FDIC, and social media sites.
Twitter topped the list for its support of Do Not Track privacy preferences; other leading companies included American Greetings Interactive, Bank of America, Costco, Charles Schwab, and Zynga.
Merited or not, the fact of the matter is "breaches happen," according to Carsten Casper, research director and head of the Privacy Key Initiative at Gartner Research.
"Those pointing the fingers might be the next ones suffering from one." To Casper's point, the very same week Linked In fought to put out its own privacy fire, online dating service e Harmony had to take extra measures to protect its customers, when 1.5 million passwords were compromised.
The FTC claims "the defendants' failure to maintain reasonable security allowed intruders to obtain unauthorized access," resulting in .6 million in fraudulent charges dating back to 2008, according to court documents."Businesses are clearly not acting responsibly enough," maintains Paul Stephens, director of policy and advocacy at Privacy Rights Clearinghouse.
The Online Trust Alliance, for instance, is a member-based nonprofit group that develops best practices to mitigate emerging privacy and security threats.That can be a challenge."Weighing Countermeasures There is no magic bullet when it comes to combating the cyber theft problem, due to the constant metamorphosis of technology.Organizations like the PCI Security Standards Council, which develops the technical requirements for data security programs for payment brands like American Express and Visa, seek to standardize security.A Steep Price Tag The Linked In and e Harmony password breaches might have put personally identifiable information up for grabs, but companies also run the risk of losing even more sensitive customer data—financials.The Federal Trade Commission (FTC) brought suit against hospitality giant Wyndham Worldwide in late June for allegedly exposing 619,000 consumer payment account numbers to a domain in Russia.