Recent posts (here and here) have pointed to claims - unsubstantiated, exaggerated or otherwise - of unauthorised access to Vodafone customer data.
As some readers of those posts have inferred, alongside perceived security inadequacies at Vodafone - and arguably at some of its competitors, given that most telcos rely on similar dealer networks that are often staffed by apparently bored, inexperienced 18-somethings - there are grounds for criticism of the way that the organisation has responded to consumer (and broader public) concern.
Ongoing unhappiness with Vodafone coincides with release by the Brookings Institute of a 17 page paper by Allan Friedman, Patrick Crowley & Darrell West on Online Identity and Consumer Trust: Assessing Online Risk [PDF]. That document is not radical or scintillating and is arguably less incisive than the discussion in recent IPTF and FTC documents noted here.
However, it is a useful reminder - although one I suspect will escape the notice of both Vodafone and the Australian Privacy Commissioner - of the importance of trust in online environments.
Data loss may well be an unpleasant, inevitable fact of life for both consumers and data custodians (we should conceptualise public/private sector organisations as data custodians rather than data owners). However, the relationship between consumers, organisations and third parties needs to be founded on trust. For maintenance of that trust is is imperative that organisations demonstrate that they are aware of sensitivities, are committed to a meaningful response and are committed to proactive effective action that will substantially inhibit future losses.