Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy

Journal article


Gibson, Dennis and Harfield, Clive. (2022). Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy. International Review of Victimology. 29(3), pp. 341-365. https://doi.org/10.1177/02697580221107683
AuthorsGibson, Dennis and Harfield, Clive
Abstract

Loss of control over one’s identity through identity usurpation, or identity theft, results in victimization characterized by multiple species of harm: material harms such as financial loss; medical harms such as psychological distress and consequential physiological illness; and moral harms such as infringement of autonomy. Digital data breaches are a common means by which identity can be usurped and laws have been enacted requiring data-holders to notify data subjects when their personal information held on digital databases has been compromised. The intention is that victims should then be able to undertake their own mitigation measures. This paper explores the efficacy of this approach as a solution and argues that this policy – particularly in the light of new digital criminal methodologies – creates a conflict of victims’ interests. It is an unintended outcome of policy that exacerbates, rather than resolves, identity usurpation and associated victimization in the digital environment.

Keywordsdata breach notification; digital victimization; harm mitigation; policy; ransomware
Year2022
JournalInternational Review of Victimology
Journal citation29 (3), pp. 341-365
PublisherSAGE Publications
ISSN0269-7580
Digital Object Identifier (DOI)https://doi.org/10.1177/02697580221107683
Scopus EID2-s2.0-85134356111
Web address (URL)https://journals.sagepub.com/doi/10.1177/02697580221107683
Research or scholarlyResearch
Page range341-365
Publisher's version
License
All rights reserved
File Access Level
Controlled
Output statusPublished
Publication dates
Online14 Jul 2022
Publication process dates
Deposited09 Jun 2023
Permalink -

https://acuresearchbank.acu.edu.au/item/8z208/amplifying-victim-vulnerability-unanticipated-harm-and-consequence-in-data-breach-notification-policy

Restricted files

Publisher's version

  • 72
    total views
  • 0
    total downloads
  • 3
    views this month
  • 0
    downloads this month
These values are for the period from 19th October 2020, when this repository was created.

Export as

Related outputs

Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers
Harfield, Clive Geoffrey. (2024). Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers. Journal of Criminology and Criminal Justice Studies. 2(2), pp. 199-217. https://doi.org/10.47509/JCCJS.2024.v02i02.05
Covert investigation
Harfield, Clive and Harfield, Karen. (2023). Covert investigation Oxford University Press.
Criminal law for common law states
Harfield, Clive, Hamilton, Mark and Teshome, Aderajew. (2023). Criminal law for common law states LexisNexis.
Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville
Dodd, Shannon, Morgan, Morgan, Dillon, Anthony, Lawton, Luke and Harfield, Clive. (2023). Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville Brisbane, Australia: Australian Catholic University. https://doi.org/10.26199/acu.8z9v6
Constructing a village memory : significance and story in the Buriton Roll of Honour
Harfield, Clive. (2022). Constructing a village memory : significance and story in the Buriton Roll of Honour. Hampshire Studies (2022). 77, pp. 194-216. https://doi.org/10.24202/hs2022011
Was Snowden virtuous?
Harfield, Clive. (2021). Was Snowden virtuous? Ethics and Information Technology. 23(3), pp. 373-383. https://doi.org/10.1007/s10676-021-09580-4
Contradictions and inconsistencies in Australia's mandatory data breach notification laws
Gibson, Dennis and Harfield, Clive. (2021). Contradictions and inconsistencies in Australia's mandatory data breach notification laws. Computer Law and Security Review. 42, p. Article 105600. https://doi.org/10.1016/j.clsr.2021.105600
(Im)material culture : Towards an archaeology of cybercrime
Harfield, Clive Geoffrey and Schofield, John. (2020). (Im)material culture : Towards an archaeology of cybercrime. World Archaeology. 52(4), pp. 607-618. https://doi.org/10.1080/00438243.2021.1882333
Covert investigation
Harfield, Clive and Harfield, Karen. (2018). Covert investigation Oxford University Press.
Undercover policing-a legal-comparative perspective
Harfield, Clive. (2018). Undercover policing-a legal-comparative perspective. In In den Boer, Monica (Ed.). Comparative policing from a legal perspective pp. 153-168 Edward Elgar Publishing Limited. https://doi.org/10.4337/9781785369117.00015
Covert investigation
Harfield, Clive and Harfield, Karen. (2016). Covert investigation Oxford University Press.
Body-worn POV technology : Moral harm
Harfield, Clive Geoffrey. (2014). Body-worn POV technology : Moral harm. IEEE Technology and Society Magazine. 33(2), pp. 64-72. https://doi.org/10.1109/MTS.2014.2319976
Law, morality and the authorisation of covert police surveillance
Harfield, Clive. (2014). Law, morality and the authorisation of covert police surveillance. Australian Journal of Human Rights. 20(2), pp. 133-164. https://doi.org/10.1080/1323-238X.2014.11882153
Police informers and professional ethics
Harfield, Clive. (2012). Police informers and professional ethics. Criminal Justice Ethics. 31(2), pp. 73-95. https://doi.org/10.1080/0731129X.2012.696960