A patchwork of inconsistent and vague laws make it tough for IT to do the right thing.
Computerworld - I admit it: I was a policy wonk. As this newspaper's Washington correspondent many years ago, I covered literally hundreds of congressional hearings -- many of them about privacy. I had my nose in the fine print of the Federal Register and the Congressional Record. I huddled with anonymous congressional staffers to get the latest markup drafts of bills in subcommittee. I used to be able to quote key passages from my dog-eared copies of the Computer Fraud and Abuse Act and the Electronic Communications Privacy Act. I sat in the Capitol galleries and watched votes for landmark legislation.
And I was naive. I thought that the young staff attorneys drafting the legislation knew what was best for the country. I scoffed at industry complaints about various provisions being too hard to implement. Businesses also feared a hodgepodge of privacy laws across the 50 states, but I was skeptical of arguments for federal preemption of state privacy laws.
Older and wiser now, I know that those inconsistent and vague laws can make it tough for IT managers to comply even when they truly want to. The best intentions of those young staff attorneys can cause serious headaches for business folks outside the Capital Beltway, as the first story in this special report shows.
I still think policy-makers do the best they can when they write the laws. But I've learned that the law of unintended consequences is the most powerful law of all.
Mitch Betts is Computerworld's Features editor. Contact him at firstname.lastname@example.org.
- Compliance Headaches
- Privacy Potholes
- Outsourcing: Losing Control
- Chief Privacy Officers: Hot or Not?
- Privacy Glossary
- The Almanac: Privacy
- The RFID Privacy Scare is Overblown
- Test Your Privacy Knowledge
- Five Key Privacy Principles
- Privacy Payoff: Better Customer Data
- California Privacy Law a Yawner So Far
- Learn (Almost) Anything About Anybody
- Five Steps Your Company Can Take To Keep Information Private
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts