Strip Searches and Credit Card Data: What's Next?

April 7, 2012 -- For those of us who care about privacy, these past seven days have truly disappointed.

With relatively little fanfare in the midst of a cacophonous (that means "noisy" Senator Santorum) parade of news, three significant events seriously undermined our constitutional right to privacy and highlighted (in a muted sort of way) the extent to which new business practices and perhaps the second oldest human inclination (criminality) have continued the relentless assault on our individual rights and liberties. The worst part is that it seems we're all becoming accustomed to it. Indeed, these affronts to our privacy seem to be becoming part of the country's genetic makeup… perhaps even as American as apple pie.

First, credit and debit card processor Global Payments, Inc. acknowledged it is the yet the latest flavor of the month in the data breach derby. It took the company three weeks to notify customers and law enforcement officials that there had been an "unauthorized access" to its systems, and that the card numbers and sensitive data of as many as 10 million consumers may have been compromised. MasterCard, Visa and American Express confirmed that they were affected, along with banks and other institutions that issue cards bearing their logos. But then something happened rather suddenly — almost magically: the impact of the breach was downgraded. Within hours of the initial release, the number of "exposed" consumers dropped from 10 million to "only" 1.5 million. It was pointed out that Global Payments has but a paltry 3.5% share of the market, servicing "only" 800,000 or so merchant accounts.

So, are you having a "here we go again," or a "who cares if it didn't happen to me" moment?

I realize that it feels like just another swell in an ocean of data breaches that have washed over (and drowned some of) us in the past few months. However, that this breach was minimized so quickly — and so quickly disappeared from the news cycle — is a matter of grave concern.

[Related: Read more columns by Adam Levin]

Breaches of this magnitude have become accepted as "oh well, just another day in paradise."

I'm afraid that the breach notification minstrels have so inundated us with countless tales of database compromises we have come to accept them as little more than white noise in the village square — the voice of the town crier droning on in the background. The media has become numb, perhaps not understanding the seriousness of the situation. But the parts of government tasked with law enforcement surely could take greater notice of instances where numbers are quickly and drastically altered (one could be forgiven for jumping to the conclusion that these things happen in order to assuage consumer anxiety in the interest of business as usual). The jury is still out as to this particular compromise.