Offshoring of commercial data...
Steve Schear
s.schear at comcast.net
Wed Feb 11 08:15:58 PST 2004
At 07:44 AM 2/11/2004, Tyler Durden wrote: >Steve Schear wrote... >
>>This is why all such records, if they are generated at all, should be
>>held offshore and accessible only through a procedure which includes a
>>duress clause. > >This leads me to an interesting set of ideas I've
been playing with recently. > >Let's say I work for a large commercial
entity with very large amounts of >data about lots of US (and other)
consumers. Let's also say that I'm >starting to feel that the integrity
of this data can't be assured under >the current (or future) regime in
DC. (And this lack-of-integrity may play >out as a very real
marketing/customer service issue.) Let's also say that >I've convinced
the relevant parties within this commerical entity to start >moving this
data (or a copy of it, perhaps) offshore, where it can be more >readily
'protected'. > >Has this kind of thing been done already? (I'm talking
about huge amounts >of commercial data.) And, how is that data placed so
that there's a >reasonable level of confidence that it's 'safe' (ie, if
the data were >moved to the UK I would assume our cronies over there
would be eager to >help DC dig out whatever they needed). Do we need a
few copies in varying >political regimes in order for this to work? Since
some very sensitive citizen data is already being accessed and processed
offshore I doubt there are laws against its only copy being moved
offshore as well. The companies doing so, of course, would need to
prevent the data's corruption or misuse. >ALso, anybody know if there are
any legal consequences/risks here in the >US if this was even attempted?
(ie, 'moving' data really means copying >overseas and then destroying the
local copy...I assume a big corporation >could do this without any legal
consequences...). > >Also, is this even worth doing or is there some big
hole in the logic >here? (Tyler Durden being a Cypherpunk of the Stoopid
variety...) In at least a few cases large companies have been blackmailed
by offshore workers unhappy with pay. I can't recall the exact details
but one situation, I think, involved some Pakistanis threatening to
release confidential medical patient data, a clear violation of the HIPPA
regs., if they didn't get more dosh. steve
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus
system (http://www.grisoft.com). Version: 6.0.574 / Virus Database: 364 -
Release Date: 1/29/2004
More information about the cypherpunks-legacy
mailing list