Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy

Journal article

Gibson, Dennis and Harfield, Clive. (2022). Amplifying victim vulnerability : Unanticipated harm and consequence in data breach notification policy. International Review of Victimology. 29(3), pp. 341-365. https://doi.org/10.1177/02697580221107683

Publication dates
Authors	Gibson, Dennis and Harfield, Clive
Abstract	Loss of control over one’s identity through identity usurpation, or identity theft, results in victimization characterized by multiple species of harm: material harms such as financial loss; medical harms such as psychological distress and consequential physiological illness; and moral harms such as infringement of autonomy. Digital data breaches are a common means by which identity can be usurped and laws have been enacted requiring data-holders to notify data subjects when their personal information held on digital databases has been compromised. The intention is that victims should then be able to undertake their own mitigation measures. This paper explores the efficacy of this approach as a solution and argues that this policy – particularly in the light of new digital criminal methodologies – creates a conflict of victims’ interests. It is an unintended outcome of policy that exacerbates, rather than resolves, identity usurpation and associated victimization in the digital environment.
Keywords	data breach notification; digital victimization; harm mitigation; policy; ransomware
Year	2022
Journal	International Review of Victimology
Journal citation	29 (3), pp. 341-365
Publisher	SAGE Publications
ISSN	0269-7580
Digital Object Identifier (DOI)	https://doi.org/10.1177/02697580221107683
Scopus EID	2-s2.0-85134356111
Web address (URL)	https://journals.sagepub.com/doi/10.1177/02697580221107683
Research or scholarly	Research
Page range	341-365
Publisher's version	License All rights reserved File Access Level Controlled
Output status	Published
Online	14 Jul 2022
Publication process dates
Deposited	09 Jun 2023

Permalink -

https://acuresearchbank.acu.edu.au/item/8z208/amplifying-victim-vulnerability-unanticipated-harm-and-consequence-in-data-breach-notification-policy

Restricted files

Publisher's version

(1 files)

67
total views
0
total downloads
0
views this month
0
downloads this month

These values are for the period from 19th October 2020, when this repository was created.

Export as

Related outputs

Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers

Harfield, Clive Geoffrey. (2024). Risk and Resilience : Mitigating Corruption Vulnerability When Managing Informers. Journal of Criminology and Criminal Justice Studies. 2(2), pp. 199-217. https://doi.org/10.47509/JCCJS.2024.v02i02.05

Covert investigation

Harfield, Clive and Harfield, Karen. (2023). Covert investigation Oxford University Press.

Criminal law for common law states

Harfield, Clive, Hamilton, Mark and Teshome, Aderajew. (2023). Criminal law for common law states LexisNexis.

Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville

Dodd, Shannon, Morgan, Morgan, Dillon, Anthony, Lawton, Luke and Harfield, Clive. (2023). Deterring drivers : An initiative to reduce car theft and joyriding by young people in Townsville Brisbane, Australia: Australian Catholic University. https://doi.org/10.26199/acu.8z9v6

Constructing a village memory : significance and story in the Buriton Roll of Honour

Harfield, Clive. (2022). Constructing a village memory : significance and story in the Buriton Roll of Honour. Hampshire Studies (2022). 77, pp. 194-216. https://doi.org/10.24202/hs2022011

Was Snowden virtuous?

Harfield, Clive. (2021). Was Snowden virtuous? Ethics and Information Technology. 23(3), pp. 373-383. https://doi.org/10.1007/s10676-021-09580-4

Contradictions and inconsistencies in Australia's mandatory data breach notification laws

Gibson, Dennis and Harfield, Clive. (2021). Contradictions and inconsistencies in Australia's mandatory data breach notification laws. Computer Law and Security Review. 42, p. Article 105600. https://doi.org/10.1016/j.clsr.2021.105600

(Im)material culture : Towards an archaeology of cybercrime

Harfield, Clive Geoffrey and Schofield, John. (2020). (Im)material culture : Towards an archaeology of cybercrime. World Archaeology. 52(4), pp. 607-618. https://doi.org/10.1080/00438243.2021.1882333

Covert investigation

Harfield, Clive and Harfield, Karen. (2018). Covert investigation Oxford University Press.

Undercover policing-a legal-comparative perspective

Harfield, Clive. (2018). Undercover policing-a legal-comparative perspective. In In den Boer, Monica (Ed.). Comparative policing from a legal perspective pp. 153-168 Edward Elgar Publishing Limited. https://doi.org/10.4337/9781785369117.00015

Covert investigation

Harfield, Clive and Harfield, Karen. (2016). Covert investigation Oxford University Press.

Body-worn POV technology : Moral harm

Harfield, Clive Geoffrey. (2014). Body-worn POV technology : Moral harm. IEEE Technology and Society Magazine. 33(2), pp. 64-72. https://doi.org/10.1109/MTS.2014.2319976

Law, morality and the authorisation of covert police surveillance

Harfield, Clive. (2014). Law, morality and the authorisation of covert police surveillance. Australian Journal of Human Rights. 20(2), pp. 133-164. https://doi.org/10.1080/1323-238X.2014.11882153

Police informers and professional ethics

Harfield, Clive. (2012). Police informers and professional ethics. Criminal Justice Ethics. 31(2), pp. 73-95. https://doi.org/10.1080/0731129X.2012.696960