E-Business Compliance: Gramm-Leach-Bliley Act
The idea of starting a business today is daunting, not just because of the competitive landscape and bumpy economy, but because of regulation. That's not to say that regulation is necessarily bad; it's just confusing, and it's often hard to tell who needs to comply, what you need to comply with, and how you need to do it. Some regulations just get bogged down in paperwork, get filled with loopholes as part of the legislative process, or lack teeth.
On the "lack of teeth" front, I'll give you an example. When visiting a third-world country in Southeast Asia, I encountered a gauntlet of officials at the border immigration office, each of whom required a fee. Last in the line was the health inspector, who sets up shop at a table in the immigration office - which is itself nothing more than a collection of folding tables and plastic chairs underneath a canopy. Now the government's intended purpose for said health officer was to have someone there to provide health advice and prevent the spread of contagious diseases. But after you stand in his line and give him the equivalent of about one American dollar, he will present you with a piece of paper with his health stamp on it. If you are being carried in on a litter and your skin is falling off your body from leprosy, you will still receive the stamp so long as you have the required fee. To his credit, he did notice the nail fungus on my fingernails and suggested to me that I should eat more seafood.
The situation is not quite so egregious here in the Western world, but we are indeed flush with confusion and paperwork. Let's take a look at one of the scads of compliance acts in particular, Gramm-Leach-Bliley, and how it affects e-business. This act requires financial institutions to securely store personal financial information, and to give consumers privacy notices that explain the institution's information sharing practices. The Act also gives consumers the right to opt out of some of that information sharing. Now I have seen those privacy notices. Those are the little slips of paper you get with your bank statement that nobody ever reads. I certainly haven't. They could plainly state, "we reserve the right to post your personal information, including details pertaining to your bank account, credit cards, and the size and color of your underwear, on the Internet," and I would never know it. And financial institutions are allowed to share your information with their affiliates, and you can't opt out of that - and in these days of huge bank mergers and acquisitions, a financial institution may have hundreds of affiliates engaging in a wide variety of businesses.