Version: 2008
  • On CBS MoneyWatch: Double Foreclosures for Nicolas Cage

Comments on: Judge: Firm not negligent in failure to encrypt data

Federal court throws out suit attacking student loan provider for failing to encrypt customer database subsequently stolen.

Add a Comment (Log in or register) (8 Comments)
  • prev
  • 1
  • next
It's a policy the company should enforce
by caxaca51 February 14, 2006 9:42 PM PST
Any sensitive data that is allowed to be mobile should undergo
some basic security precautions such as encryption. If I
understand correctly, this judge is saying that since no harm was
done, the company did no wrong. This is negligence at it's best.
Reply to this comment
actually not negligence
by declan00 February 14, 2006 10:20 PM PST
To be a little lawgeekish here, the tort of negligence requires actual harm, not speculative harm.

So it's more like the judge is saying "Sorry, the law does not provide you with a way to cash in by suing this company when you haven't been able to demonstrate harm. If you don't like it, change the law. But otherwise you're out of luck."
View reply
WTH? A *laptop*
by duerra February 15, 2006 6:12 AM PST
Maybe I missed something, but what the h*ll is half a million records of personal data doing on somebody's *laptop*? That sounds pretty negligent to me.
Reply to this comment
Is there a low crime network online?
by baswwe February 15, 2006 7:22 AM PST
"Judge Kyle disagreed, saying that the house was in a relatively low-crime neighborhood and that the law does not specifically mandate encryption."

What about online? Is there a low crime network that you shouldn't have your stuff safeguarded?
Reply to this comment
How do you figure?
by February 15, 2006 7:44 AM PST
"So it's more like the judge is saying..."

The judge mentions the factors as being, one, a low crime-rate neighborhood, and, two, no specificity in the law, itself, requiring encryption.

So what twisted logic gives you the idea that 'what he's saying" is about actual damages as a prerequisite to going to Court there buddy? Misconstruing arcane laegalese is one thing, but fabrication is something else, no?

Reply to this comment
A desktop would have been better?
by booboo1243 February 15, 2006 8:06 AM PST
Desktop machines get stolen, too. Note that the laptop wasn't being used as a mobile machine, but as a remote machine. It was being used in a physical location thought to be secure.

Security is never absolute. The fact that something bad happened does not, itself, imply negligence. The fact that further safeguards could have been taken that would have protected against a specific threat does not, itself, imply negligence.
Reply to this comment
Firm not negligent in failure to encrypt
by skobryan February 16, 2006 6:41 PM PST
Well, if this is how the Judge sees it then I guess the banking and healthcare regulators better re-write the audit programs and save everyone the time audits cost to companies. Wow, the judge totally missed the point on this one!
Reply to this comment
(8 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET