100 million records exposed? Nope, make that 1.76 billion and counting.
As I was searching for upcoming conferences and events to add to PWR’s calendar, I came across an upcoming talk by Philip Howard at Stanford Law School on March 19. His description of his presentation includes the following:
To examine the role of organizational behavior in privacy violations, I analyze over 215 incidents of compromised data between 1980 and 2006. All in all, some 1.76 billion records have been exposed, either through hacker intrusions or poor management. In the context of the United States, there have been 8 records compromised for every adult.
Because I haven’t seen the methodology, I can’t be sure what type of records he included in his study (i.e., are there cases that are just name + email address?), but his numbers are certainly a bit mind-boggling, and suggest that my satirical comment about over 2 billion records compromised by 2031 may well be a significant underestimate.
Thanks for the recent comment on my site. Just goes to show that most statistics are flawed to at least some extent!
I don’t know that they’re actually “flawed,” Ed. I think each study has its own merit if we are given the details of their methodology so that we can figure out the implications of their sampling methods and choice of statistical analyses, etc.
One of the things that consistently irks me is how hard it is to get the detailed methods sections for some studies or press released surveys. I recently sent two inquiries re surveys that got media coverage, asking for more specific information on particular points and as yet, have gotten no answers.
And yet without more detailed information, we’re stuck with only the investigators’ interpretation and conclusions. I’m spoiled, I guess, by having been taught that you publish your research and give the reader enough detail about what you did and how you did it so that they can replicate your methods.