Data Vu: Why Breaches Involve the Same Stories Again and Again

Authors

Woodrow Hartzog, Boston University School of LawFollow
Daniel Solove, George Washington University Law School

Document Type

Article

Publication Date

7-26-2022

ISSN

0036-8733

Publisher

Springer Nature

Language

en-US

Abstract

In the classic comedy Groundhog Day, protagonist Phil, played by Bill Murray, asks “What would you do if you were stuck in one place and every day was exactly the same, and nothing that you did mattered?” In this movie, Phil is stuck reliving the same day over and over, where the events repeat in a continual loop, and nothing he does can stop them. Phil’s predicament sounds a lot like our cruel cycle with data breaches.

Every year, organizations suffer more data spills and attacks, with personal information being exposed and abused at alarming rates. While Phil eventually figured out how to break the loop, we’re still stuck: the same types of data breaches keep occurring with the same plot elements virtually unchanged.

Like Phil eventually managed to do, we must examine the recurring elements that allow data breaches to happen and try to learn from them. Common plotlines include human error, unnecessary data collection, consolidated storage and careless mistakes. Countless stories involve organizations that spent a ton of money on security and still ended up breached. Only when we learn from these recurring stories can we make headway in stopping the cycle.

Recommended Citation

Woodrow Hartzog & Daniel Solove, Data Vu: Why Breaches Involve the Same Stories Again and Again , in Scientific American (2022).
Available at: https://scholarship.law.bu.edu/shorter_works/171

SSRN URL

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4326723

Publisher URL

https://www.scientificamerican.com/article/data-vu-why-breaches-involve-the-same-stories-again-and-again/