Slashdot Mirror

← Back to Stories (view on slashdot.org)

Document Disposal Law Kicks In

Posted by Zonk on from the shred-it-burn-it-lock-it-in-a-can dept.

dougrun wrote to link to a story on MSNBC regarding a new federal law requiring individuals who handle other people's personal information to dispose of the data properly. From the article: "Recycling the paperwork isn't good enough -- it must be destroyed, the rule says, rendered useless to anyone who might stumble upon it. The FTC can sue and obtain fines of up to $2,500 for each instance of neglect."

14 of 146 comments (clear)

  1. What about online electronic records? by Hulkster · · Score: 3, Interesting
    I've read several articles about this legislation, but there is very little information about electronic records. I see a a brief mention about "discarding a computer's hard drive" ... but what about online record keeping? I gotta believe there is a cottage industry that provides web access for folks to track their hired help - who is liable if that becomes public? And what happens if someone hacks into your computer?

    A cute McDonald French Fry

    1. Re:What about online electronic records? by treff89 · · Score: 4, Interesting

      As inferred above, I put forward the notion that this law is powerless. Not only are things such as computers not thoroughly covered (leaving numerous loopholes for defence in a court of law), but the government has exempted themselves. Clearly, they therefore do not take this seriously, and this law is all about people coming home, thinking "Look at the good the government is doing for my privacy!" and nothing about actually making a difference. (Footnote: No party based comment, I live in Australia.) (FN2: IANAL.)

    2. Re:What about online electronic records? by Anonymous Coward · · Score: 1, Interesting

      I picked up a second hand box and the drive contained the complete medical records of a local doctor's patients.

    3. Re:What about online electronic records? by networkBoy · · Score: 2, Interesting

      So what about this incident?
      http://www.thekcrachannel.com/news/4451423/detail. html
      Details how Farmers insurance threw confidential docs in the trash (SSNs, Acct numbers, statements, claims, etc.)
      -nB

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    4. Re:What about online electronic records? by mikael · · Score: 2, Interesting

      There are numerous stories in the UK about people buying second hand laptops and finding military and local government data on them.

      I personally found a couple of PC cases being thrown out on a skip. Everything had been stripped down and removed except for the hard disk drives, which were held in place by star shaped screws. If disk drives were designed to be installed/removed in a more modular fashion, then it would be a lot easier to reuse them rather than throw them out.

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
    5. Re:What about online electronic records? by BlueStrat · · Score: 2, Interesting

      I recently picked up an old PC from a friend that he obtained from an auction of property from a local small (around 35 employees) grocery store that closed.

      Apparently, this was either the personnel managers' or store managers' PC, as there were employee and payroll records, including SSNs, bank account routing numbers, medical insurance info, drivers license numbers, names, addresses, phone numbers, etc. on the hard drive.

      The only precaution taken, it seems, was to wipe the boot sector of the drive, which any linux/FreeBSD rescue or live CD can recover/rewrite in a few seconds. Luckily for them I'm honest, and used a hard drive overwrite utility to make the data relatively unrecoverable.

      Makes one start thinking about all ones' previous jobs, and what kind of data storage disposal policies (if any) they might have had. Scary.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  2. define "destroyed" by tfoss · · Score: 3, Interesting
    It's pretty clear that even cross-cut shredders won't do the job. There are commerical ventures that charge by the volume of shredded paper for document reconstruction. Scan all the pieces (strip, cross-cut or confetti) and let imaging software piece them together. The slow step is taping the shreds to white paper for scanning. Seems that incineration, some beefy acid, or some kind of serious ink solvent would be needed to comply.

    -Ted

    --
    -=-=- Quantum physics - the dreams stuff are made of.
  3. Re:Sigh... more landfill trash... by Thng · · Score: 2, Interesting
    It should be recycled, and afaik, the document destroyers in my town do that, and ship some of the paper to a nearby egg crate manufacturer.

    I somewhat doubt that it will lead to so much more in landfills. if they recycled documents before, then they'll still probably recycle them, just probably exert more work to do so (or give to document destruction service). If they didn't recycle before (ie, just threw it all in the trash)... well, actually, it might not be a bad idea to let someone else deal with it totally (document destruction service)

    regarding it decomposing in landfills... not really A few (10?) years ago, Discover magazine had an article on this too. 40 year old newspapers (at the time), readable.

  4. I applaud this law. by Anonymous Coward · · Score: 1, Interesting

    This law should be more severe.

    Companies should not be allowed to keep sensitive, personal info for more than a few days after a transaction. If one comes back to a company to modify the transaction (refund, exchange, etc.), the customer can resubmit the sensitive info then.

    Only federal government entities should ask for a social security number, and only state government entities should ask for driver's license numbers. All other entities (private, municipal, etc.) should generate their own identity codes, which should be destroyed after a reasonable time period.

  5. Um... what about Enron type stuff? by Capt'n+Hector · · Score: 3, Interesting

    So you are required to destroy documents unless you knowingly do so when there's about to be a federal investigation that will require those documents, in which case you can be sent to prison for destroying them? Sounds like a good reason not to use paper at all...

    --
    Quid festinatio swallonis est aetherfuga inonusti?
    Africus aut Europaeus?
  6. Re:And all those outsourced jobs? by The+Dark+P · · Score: 2, Interesting

    Most foreign countries have stricter data protection laws than the US. I worked at an office which handled personal data from medical studies, in lots of cases they were worried about sharing data with their US counterpart because their data protection laws were not strict enough, likewise, the australian branch was less keen to share with us because their data protection laws are stricter still.

  7. Re:2500 isn't much by pcmanjon · · Score: 3, Interesting

    " $2500 doesn't seem to be a very harsh punishment for my personal data being compromised when the FCC can fine companies $11000 per do not call violation."

    The government isn't concerned with fortune 500's disposal of information, but the mom and pop shops more than anything else. I was able to see the meeting on TV and thats what they said.

    They actually brought the donotcall bill up, and they said thats because fortune 500's make calls to homes more than mom and pops. -Shrugs-

  8. Re:Sigh... more landfill trash... by krbvroc1 · · Score: 2, Interesting
    I was under the impression shredded paper is not as useful for recycling. The ability to recycle paper depends on the strength and length of the paper fibers. Shredded paper has lost a lot of strength and has short fibers due to being cut. That means that whereas regular paper can be recycled into some lesser form of paper, shredded paper must be used for something like a cheap cardboard/egg crates.

    Regardless, privacy is more important to me than the landfill.

  9. Re:Sigh... more landfill trash... by Seraphim1982 · · Score: 2, Interesting

    Do you really think that fast food outlets cared about anything other then the fact that paper/cardboard wrappers are cheaper then foam wrapers? They may say it was for enviromental reasons, but I persoanlly believe they was an afterthought and that they wouldn't have switched if there hadn't also been a money saving aspect.