The National Academies Press

Currently Skimming:

Workshop Introduction
Pages 1-4

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 1... ... The workshop featured nine speakers addressing a broad range of perspectives on data breaches: empirical, consumer, and data holders' perspectives and legal and policy perspectives. Distinguished scholars, lawyers, consumer advocates, and industry executives contributed their varied expertise to help draw out key themes and examples and to offer their views on response mechanisms for mitigating harm when data breaches occur. Read the entire page →
From page 2... ... He observed that recent breaches on the dating site Ashley Madison, or the U.S. government's Office of Personnel Management, or the toy company VTech, prove that more than just financial loss is at stake: the harms from data breaches extend into the realms of personal reputations, national security, and even the safety of children. Read the entire page →
From page 3... ... Organizations that have been breached may offer affected constituencies free credit monitoring for a limited period or other forms of remediation or restitution, but it is unclear whether that actually helps affected individuals understand, minimize, and/or manage the implications of exposure. Moreover, the relevance of such monitoring is not clear in cases where financial data were not the sole type of data exposed, for instance, a breach of a defense contractor, a financial firm whose customers are themselves other financial firms, theft of intellectual property, or exposure of data that underpins critical infrastructure. Read the entire page →
From page 4... ... Some axes to consider: • Types of breaches -- breadth of exposure, mechanism, motivation; • T pes of harm -- physical, reputational, financial, national security, short-term, long-term, reversible, autonomy/well y being, emotional distress, time/effort, diminished trust in services, reduced standing in the community, stalking, reduced economic opportunity, interference with family; • Who can be harmed -- users of a service, data subjects, institutions/data holders, third-party institutions, third-party individuals, society; • Types of data breached -- financial, communications, trade secrets, classified information, PII, health/medical, trans actional, metadata, location; and • Types of remediation -- credit monitoring, reduction in liability, roll-back of transactions, reimbursements. Questions for Discussion For these discussions, the term data breach can refer to • Data that is stolen or exfiltrated; • Data that is inappropriately exposed, published, or distributed; • Data that is destroyed (perhaps along with its backups) Read the entire page →

From page 1...

... The workshop featured nine speakers addressing a broad range of perspectives on data breaches: empirical, consumer, and data holders' perspectives and legal and policy perspectives. Distinguished scholars, lawyers, consumer advocates, and industry executives contributed their varied expertise to help draw out key themes and examples and to offer their views on response mechanisms for mitigating harm when data breaches occur.

Read the entire page →

From page 2...

... He observed that recent breaches on the dating site Ashley Madison, or the U.S. government's Office of Personnel Management, or the toy company VTech, prove that more than just financial loss is at stake: the harms from data breaches extend into the realms of personal reputations, national security, and even the safety of children.

Read the entire page →

From page 3...

... Organizations that have been breached may offer affected constituencies free credit monitoring for a limited period or other forms of remediation or restitution, but it is unclear whether that actually helps affected individuals understand, minimize, and/or manage the implications of exposure. Moreover, the relevance of such monitoring is not clear in cases where financial data were not the sole type of data exposed, for instance, a breach of a defense contractor, a financial firm whose customers are themselves other financial firms, theft of intellectual property, or exposure of data that underpins critical infrastructure.

Read the entire page →

From page 4...

... Some axes to consider: • Types of breaches -- breadth of exposure, mechanism, motivation; • T pes of harm -- physical, reputational, financial, national security, short-term, long-term, reversible, autonomy/well y being, emotional distress, time/effort, diminished trust in services, reduced standing in the community, stalking, reduced economic opportunity, interference with family; • Who can be harmed -- users of a service, data subjects, institutions/data holders, third-party institutions, third-party individuals, society; • Types of data breached -- financial, communications, trade secrets, classified information, PII, health/medical, trans actional, metadata, location; and • Types of remediation -- credit monitoring, reduction in liability, roll-back of transactions, reimbursements. Questions for Discussion For these discussions, the term data breach can refer to • Data that is stolen or exfiltrated; • Data that is inappropriately exposed, published, or distributed; • Data that is destroyed (perhaps along with its backups)

Read the entire page →

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

Workshop Introduction Pages 1-4

Workshop Introduction
Pages 1-4