Prompt:

Visit PrivacyRights.org to see the types of publicly available information about data breaches. How might researchers use this information to study breaches? Enter a paragraph in your journal.

Answer:

Publicly available information from data breaches is generally determined by state disclosure laws because companies will only disclose what they are legally required to. With that in mind, the data provides many avenues for researchers to pursue; the types of data that are commonly included can lend credence to inferences about the victims of attacks, the motivations of the attackers, response timelines for companies, the effectiveness of government policies and so forth. State by state data can tell researchers more about the effectiveness of stronger data protection laws such as the Virginia Consumer Data Protection Act or the California Consumer Privacy Act; these can be evaluated against other states on a per capita basis. It can also inform researchers on the forms of protections that consumers can take to insure their own data protection. Certain data such as how many breaches there were, what sectors they affect, how many users they affect, and how many there are compared to prior years can also inform researchers the general trends for data breaches and privacy losses. Publicly available data such as these are a vital tool for academic researchers to evaluate the strengths of legislation, the impact of breaches, and ultimately how best to tackle the thorny issue that is how to reduce the number of data breaches and protect the consumers.