“FEMA Officials Accidentally Released Private Data From 2.3 Million Disaster Victims,” The Wall Street Journal, March 23, 2019. Agency shared unnecessary personal information with a contractor.
Once you have someone’s private data, what controls do you have on using it, storing it, or transferring it to someone else? Those are steps you take in protecting those peoples’ data. Are you sharing enough, but not too much, of their private information?
I am struck by the use of “accidentally” in the headline. The government intended to release the data it released; this was not the case of leaving their briefcase on a bus. I guess they “accidentally” gave the contractor more information than necessary. I guess, but am not sure, that this is better than being hacked, which implies the intervening act of a third party. Here, there was not third party.