August312007

IDTheft SIG Minutes
August 31, 2007

Attendees:
Abhilasha
Bob
Kevin
Eric
David W.
Robin
Britta

Eric led conversation around privacy/policy commonalities in documented breaches. He referenced a document he’d come across (in mail list archives with agenda for this meeting) his CISSP certification process. These are case studies for the U.S. Privacy Enforcement from the IAPP.

We also reviewed information available at Attrition.Org on all current and past data breaches, many of which are never mentioned in the press. This site also has a downloadable database that lists data breaches by organization, type of breach, charges filed, etc. http://attrition.org/dataloss

Discussion that it would be interesting to map common breach similarities. Perhaps launch this as a subteam activity within PPEG? Robin provided some status update on work being done in PPEG in the privacy/policy arena.