CNET también está disponible en español.

Ir a español

Don't show this again

Security

This week in security

The issue of privacy remained very public this week, following ChoicePoint's recent data leak.

The issue of privacy remained very public this week, following ChoicePoint's recent data leak.

The company, which compiles electronic dossiers on Americans and sells them to insurance companies, other businesses and police agencies, apologized to a congressional committee for the mishap, which so far has led to 750 known cases of identity fraud.

CEO Derek Smith told the committee that the incident "has caused us to undergo some serious soul-searching." But Smith's remorse may not be enough to soothe the fears of lawmakers, who said they may clamp new restrictions on companies that amass and sell Social Security numbers and other personal information.

Such restrictions, however, might not be applicable to companies such as Amazon.com, which has irked privacy advocates with a system it's invented to gather clues about customers' gift-giving habits. Post a review of a book or other product on Amazon.com, and the information may find its way into the company's file on you. That's one key feature of the system, anyway.

The company says the idea is to enable it to suggest future gifts and reminders to customers. But advocate groups say the system could involve profiling children, as well as exploit gift-giving and the sense of community that customer reviews were designed to engender--or worse.

"There's no guarantee that there won't be some disastrous privacy invasion coming out of this," said Karen Coyle, a spokeswoman for Computer Professionals for Social Responsibility. "That's a very big risk to take with children."

Amazon spokeswoman Patty Smith downplayed concerns. Although the company has won a patent for the system, she said, this doesn't mean the system will be put into place. "It's not something we're currently doing," she said. "It's all hypothetical."

More than 100,000 alumni of Boston College may be wishing their situation was hypothetical right about now. The college is dealing with an attack on its fund-raising databases, which may have exposed the personal information of those alumni.

College representatives said Thursday that the school was the target of a virus attack on a computer housed in a campus calling center used by students to solicit donations from alumni.

Although an investigation bore no evidence that hackers may have accessed alumni information stored on the database--which included individuals' Social Security numbers and other personal details--the school decided to inform all the people whose records might have been compromised.

Spokesman Jack Dunn said the college will also purge individuals' Social Security numbers from all of its records in the future. He said schools have long used the identifiers to keep track of people in a number of ways but noted that increasing concerns over the security of computing systems used to store the information have caused the college and others to review the policy.