11. PlayStation Network Hacked
Also in April 2011, Sony announced that hackers had stolen personal data from 77 million PlayStation subscribers. Although this was a security breach of Sony's PlayStation Network, the privacy implications were significant given that the intruder had stolen names, addresses, email addresses and birthdates for so many customers. Sony said it was unclear whether credit card data was stolen, and it warned customers to be on the lookout for identity theft. Security experts said the Sony privacy breach was one of the largest on record. Sony estimated that the incident cost the company $171 million to rebuild its computers and purchase credit protection services for its customers.
12. Disney Violates Kid Data Rule
U.S. Web sites that target children for subscriptions or sales must comply with special rules aimed at gathering permission from parents under the Children's Online Privacy Protection Act (COPPA). In May, 2011, Disney's Playdom, Inc. had the dubious honor of paying the largest-ever COPPA fine, which was a $3 million civil penalty from the FTC for gathering and sharing personal information about hundreds of thousands of children without parental consent. Playdom, which runs the popular Pony Stars site, collected kids' ages and email addresses and allowed them to post their full names and locations. Other sites that have run afoul of COPPA rules include blogging outlet Xanga.com and mobile app developer Broken Thumbs.
13. Carrier IQ
The year 2011 closed out with another privacy-oriented brouhaha, this time surrounding Carrier IQ, which sells analytics software for mobile devices. The software is used in an estimated 142 million smartphones. A systems analyst/amateur security researcher discovered this software on his smartphone, and found that it was capturing battery life, connections, text messages, emails and other actions. A slew of accusations followed, with Carrier IQ and its carrier customers being taken to task for allegedly keylogging, spying and tracking. But more detailed analysis by other professional security researchers found that the systems analyst who originally raised the issue was confusing Carrier IQ's actions with those of debug statements mistakenly left in the Android code by phone maker HTC's programmers. As it turns out, Carrier IQ was simply collecting performance data for optimizing the end users' experience. Nevertheless, the original discovery prompted Sprint and HTC to reportedly no longer include the Carrier IQ software on their devices.
14. GM to Sell Vehicle Data
Sign up for CIO Asia eNewsletters.