"When data breaches happen, where does the buck stop ... and where should it stop?"

Das Chowdhury, Partha and Renaud, Karen and Rashid, Awais; (2025) "When data breaches happen, where does the buck stop ... and where should it stop?". In: NSPW '24. ACM, USA, pp. 106-125. ISBN 9798400711282 (https://doi.org/10.1145/3703465.3703474)

Text. Filename: Das-Chowdhury-etal-ACM-2025-When-data-breaches-happen-where-does-the-buck-stop.pdf
Final Published Version
License: Creative Commons Attribution 4.0

Abstract

A digital-first society requires its citizens to carry out essential activities online, e.g., applying for a passport, managing pension funds or scheduling medical appointments. Sensitive and personal information is requested and provided in the hope that the confidentiality, integrity and availability thereof will be preserved. In reality, data breaches occur with distressing regularity. When this occurs, ‘second’ victims are created: the customers whose data has been leaked. In many cases, service providers demonstrate very little care or concern for these victims, responsibilizing instead of supporting them. We surveyed 175 respondents, including second victims, non-victims and managers. It becomes clear that a ‘feudal security’ paradigm informs organisations’ responses to data breaches. Indeed, the buck seems to stop with second victims, instead of with the breached service provider. We propose an ‘Ethical Responsibilization’ paradigm which would see second victims treated more equitably and fairly.

ORCID iDs

Das Chowdhury, Partha, Renaud, Karen (ORCID: https://orcid.org/0000-0002-7187-6531) and Rashid, Awais