A case of mistaken identity? News accounts of hacker, consumer, and organizational responsibility for compromised digital records

Erickson, K. and Howard, P.N. (2007) A case of mistaken identity? News accounts of hacker, consumer, and organizational responsibility for compromised digital records. Journal of Computer-Mediated Communication, 12(4), pp. 1229-1247. (doi:10.1111/j.1083-6101.2007.00371.x)

Full text not currently available from Enlighten.

Abstract

The computer hacker is one of the most vilified figures in the digital era, but to what degree are organizations actually responsible for compromised personal records? To examine the role of organizational behavior in privacy violations, we analyze 589 incidents of compromised data between 1980 and 2006. There were more reported incidents in 2005 and 2006 than in the previous 25 years combined. Excluding a particularly large security breach at Acxiom, hackers account for the largest volume of compromised records, some 45%, while 27% of the volume is attributed to organizational mismanagement and 28% remains unattributed. In terms of incidents, 9% were an unspecified type of breach, 31% of the incidents involved hackers, and 60% of the incidents involved organizational mismanagement: personally identifiable information accidentally placed online, missing equipment, lost backup tapes, or other administrative errors. Options for public policy oversight are discussed.

Item Type:Articles
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Erickson, Dr Kristofer
Authors: Erickson, K., and Howard, P.N.
Subjects:H Social Sciences > HV Social pathology. Social and public welfare
K Law > KF United States Federal Law
College/School:College of Social Sciences > School of Law
Journal Name:Journal of Computer-Mediated Communication
ISSN:1083-6101

University Staff: Request a correction | Enlighten Editors: Update this record