VTech to embed data breach acceptance in its Terms and Conditions - expert comment
February 2016 by David Gibson, VP of strategy and market development at Varonis
Following the data breach of toy maker, VTech, last year, the company is now trying to embed data breach acceptance in its Terms and Conditions. More than 6.3 million children’s accounts were affected by last year’s breach, which gave the perpetrator access to photos and chat logs. VTech’s new terms and conditions state that parents must assume responsibility for future breaches.
Commenting on this, David Gibson, VP of strategy and market development at Varonis, said:
“Protecting customer, partner and employee data is a business requirement. Imagine if all the medical history questionnaires you fill out at the doctor’s office had a big warning on top, “If someone steals the information you provide here, it’s your problem.” Or a store saying, “feel free to use your credit card, but we’re not responsible if someone figures out how to steal the number from our systems.” Would you still do business with them? Shouldn’t digital information about children be treated with at least the same care? It’s possible that VTech may have run afoul of the US’s COPPA laws for protecting children’s data. The larger point is that consumers should expect reasonable data security without having to be personally liable.”