Q: Visit PrivacyRights.org to see the types of publicly available information about data breaches.  How might researchers use this information to study breaches?  Enter a paragraph in your journal.

A: From reading both the data collected from the database and the FAQ section of the website, I’ve come to a few conclusions regarding how researchers could view this. On the down side, while the collection of all of this data is certainly impressive, there is an issue with this information being publicly available that anyone can just to submit. Viewing this from an analytical standpoint, the database doesn’t portray an 100% accurate depiction about data breaches in the United States, as the site is dependent on both the data breaches made publicly apparent in the US and submissions of individual people and companies, and the latter probably isn’t as accurate since a majority of people likely wouldn’t report their data breaches to this specific project in particular. Furthermore, the website reports that it does use AI to make inferences on the information and data provided from people and that they very much could be incorrect. In general, for serious researchers, this method of researching data might make some researchers skeptical on how accurate the data can be. Nevertheless, while not providing the full picture of data breaches, PrivacyRights.org does provide a glimpse into the world of data breaches in the United States, and does have a lot of information on the specific companies targeted by cyber attacks in addition to types of data breaches themselves. While not providing the most accurate image, researchers could still gather some data from this site and use it for their own research. For instance, they could see that hacking is by far the most common data breach method compared to other methods; in addition, the top 10 companies targeted by data breaches all comprise of banks and credit unions. As a researcher in cybersecurity, this in particular stood out to me due to their being a correlation between hacking and companies that handle financial information, more than “card” based data breaches with the same companies. An assumption that could be made from this database is that hackers are more interested in bringing banks/credit unions systems down to steal information than fraudulent activities and scams. All things considered, while this isn’t the most reliable database to pull information from, there are still some valuable data and research to be pulled from PrivacyRights.org.