Shostack + Friends Blog Archive


Emergent Predictions

  1. By the end of 2005, we will have had a month with at least 30 disclosures of serious security breaches, making private information about people available.
  2. At least 10 of these breaches will involve data which organizations are required by law to store and protect.
  3. This will cause a set of Congressional hearings, in which the current data retention standards will be questioned. No reduction in government-mandated data collection will result.

One comment on "Emergent Predictions"

  • Iang says:

    The ‘success’ of the California law SB1386 is likely to become a touchstone for future laws. But this is unfounded. For every success in public lawmaking there are a dozen failures. Further, if there is any success in SB1386, it seems to show that there is no need for a federal law – the states did it by themselves, and indeed, one state did it for the rest! Finally, we haven’t exactly done the analysis to show that SB1386 is a net benefit – what are the downsides? What are the unintended consequences?

Comments are closed.