Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stop Saying, 'We Take Your Privacy and Security Seriously' (techcrunch.com)

Posted by msmash on from the closer-look dept.

Security reporter Zack Whittaker writes: In my years covering cybersecurity, there's one variation of the same lie that floats above the rest. "We take your privacy and security seriously." You might have heard the phrase here and there. It's a common trope used by companies in the wake of a data breach -- either in a "mea culpa" email to their customers or a statement on their website to tell you that they care about your data, even though in the next sentence they all too often admit to misusing or losing it. The truth is, most companies don't care about the privacy or security of your data. They care about having to explain to their customers that their data was stolen.

I've never understood exactly what it means when a company says it values my privacy. If that were the case, data hungry companies like Google and Facebook, which sell data about you to advertisers, wouldn't even exist. I was curious how often this go-to one liner was used. I scraped every reported notification to the California attorney general, a requirement under state law in the event of a breach or security lapse, stitched them together, and converted it into machine-readable text. About one-third of all 285 data breach notifications had some variation of the line. It doesn't show that companies care about your data. It shows that they don't know what to do next.

8 of 192 comments (clear)

  1. And by 110010001000 · · Score: 5, Insightful

    And politicians don't really care about their constituents or the country. And SJWs really don't care about equality. The list is endless.

    1. Re:And by b0s0z0ku · · Score: 5, Insightful

      Which is why there should be laws penalizing invasion of privacy. If companies start getting fined for bad behavior and their assets start being taken, they'll listen -- money talks, BS walks.

    2. Re: And by justthinkit · · Score: 5, Funny

      We take your privacy and security. Seriously.

      --
      I come here for the love
  2. Easy to tell whether they take it seriously... by seebs · · Score: 5, Interesting

    I have a pretty simple test for whether people take a thing seriously. How does it compare to how they handle payments?

    Consider:

    I ask you to stop spamming me, and you say I need to allow you 30 days to stop.

    I ask you to take $5 from my bank account, and in under 10 seconds you have successfully resolved a transaction in a thorough, secure, and traceable away, even if my bank isn't on the same continent as your bank.

    Which of these do I think you "take seriously"?

    --
    My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
  3. No, seriously. by stavrica · · Score: 5, Informative

    We took your privacy and security.

    It's gone.

    1. Re:No, seriously. by Anonymous Coward · · Score: 5, Funny

      'We Take Your Privacy and Security, Seriously'

  4. Missed Punctuation by Anonymous Coward · · Score: 5, Funny

    The problem is all these companies forgot a semicolon. Let me help.

    We take your privacy and security; seriously.

  5. No company takes security seriously by OneHundredAndTen · · Score: 5, Insightful

    They all pay lip service to security. That's all. They don't do what they should, because it is simpler, and most cost-effective, for them to do damage control when the inevitable security breach happens than really trying to prevent it. We have heard about huge security breaches in Equifax, Target, Visa etc. Those companies are still there, business as usual. They sure took a hit, but it probably impacted on their bottom line less than having to invest on minimizing the probability of such breaches in the first place.