Harboring Data: Information Security, Law, and the Corporation

Harboring Data: Information Security, Law, and the Corporation

by Andrea Matwyshyn
     
 

ISBN-10: 080476008X

ISBN-13: 9780804760089

Pub. Date: 10/28/2009

Publisher: Stanford University Press

As identity theft and corporate data vulnerability continue to escalate, corporations must protect both the valuable consumer data they collect and their own intangible assets. Both Congress and the states have passed laws to improve practices, but the rate of data loss persists unabated and companies remain slow to invest in information security. Engaged in a

…  See more details below

Overview

As identity theft and corporate data vulnerability continue to escalate, corporations must protect both the valuable consumer data they collect and their own intangible assets. Both Congress and the states have passed laws to improve practices, but the rate of data loss persists unabated and companies remain slow to invest in information security. Engaged in a bottom-up investigation, Harboring Data reveals the emergent nature of data leakage and vulnerability, as well as some of the areas where our current regulatory frameworks fall short.

With insights from leading academics, information security professionals, and other area experts, this original work explores the business, legal, and social dynamics behind corporate information leakage and data breaches. The authors reveal common mistakes companies make, which breaches go unreported despite notification statutes, and surprising weaknesses in the federal laws that regulate financial data privacy, children's data collection, and health data privacy. This forward-looking book will be vital to meeting the increasing information security concerns that new data-intensive business models will have.

Read More

Product Details

ISBN-13:
9780804760089
Publisher:
Stanford University Press
Publication date:
10/28/2009
Edition description:
New Edition
Pages:
368
Product dimensions:
6.20(w) x 9.10(h) x 1.20(d)

Table of Contents

Sect. I Introducing Corporate Information Security

Introduction Andrea M. Matwyshyn Matwyshyn, Andrea M. 3

1 Looking at information Security Through an Interdisciplinary Lens

Computer Science as a Social Science: Applications to Computer Security Jonathan Pincus Pincus, Jonathan Sarah Blankinship Blankinship, Sarah Tomasz Ostwald Ostwald, Tomasz 19

Sect. II The Dual Nature of Information - Information as a Consumer and Corporate Asset

2 The Information Vulnerability Landscape

Compromising Positions: Organizational and Hacker Responsibility for Exposed Digital Records Kris Erickson Erickson, Kris Philip N. Howard Howard, Philip N. 33

3 Reporting of Information Security Breaches

A Reporter's View: Corporate Information Security and the Impact of Data Breach Notification Laws Kim Zetter Zetter, Kim 50

4 Information Security and Patents

Embedding Thickets in Information Security? Cryptography Patenting and Strategic Implications for Information Technology Greg R. Vetter Vetter, Greg R. 64

5 Information Security and Trade Secrets

Dangers from the Inside: Employees as Threats to Trade Secrets Elizabeth A. Rowe Rowe, Elizabeth A. 92

Sect. III U. S. Corporate Information Security Regulation and Its Shortcomings

6 Information Security of Health Data

Electronic Health Information Security and Privacy Sharona Hoffman Hoffman, Sharona Andy Podgurski Podgurski, Andy 103

7 Information Security of Financial Data

Quasi-Secrets: The Nature of Financial Information and Its Implications for Data Security Cem Paya Paya, Cem 121

8 Information Security of Children's Data

From "Ego" to "Social Comparison" - Cultural Transmission and Child Data ProtectionPolicies and Laws in a Digital Age Diana T. Slaughter-Defoe Slaughter-Defoe, Diana T. Zhenlin Wang Wang, Zhenlin 145

Sect. IV The Future of Corporate Information Security and Law

9 Information Security and Contracts

Contracting Insecurity: Software Licensing Terms That Undermine Information Security Jennifer A. Chandler Chandler, Jennifer A. 159

10 Information Security, Law, and Data-Intensive Business Models

Data Control and Social Networking: Irreconcilable Ideas? Lilian Edwards Edwards, Lilian Jan Brown Brown, Jan 202

Conclusion Andrea M. Matwyshyn Matwyshyn, Andrea M. 228

Notes 235

Bibliography 295

Index 333

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >