Schneier: Data is a Toxic Asset
Security expert Bruce Schneier writes that Data is a Toxic Asset.
Thefts of personal information aren't unusual. Every week, thieves break into networks and steal data about people, often tens of millions at a time. Most of the time it's information that's needed to commit fraud, as happened in 2015 to Experian and the IRS.
Sometimes it's stolen for purposes of embarrassment or coercion, as in the 2015 cases of Ashley Madison and the US Office of Personnel Management. The latter exposed highly sensitive personal data that affects security of millions of government employees, probably to the Chinese. Always it's personal information about us, information that we shared with the expectation that the recipients would keep it secret. And in every case, they did not.
Schneier makes a good case for a total revamp in thinking.
But while a person can minimize data exposure in some limited ways*, when the most important data is required by law (tax info and more), it’s all but game over given government incompetence at protecting it. My own father was one of the people likely compromised by the IRS last year. That more such breaches will occur is a certainty.
* Or maximize exposure and risks via ill-advised sites like Facebook—ideal for profiling to make a compellingly personalized fraud.