Data-Theft Followup: Strickland Claiming Extra Credit for Doing What Anyone Would Automatically Have Done

From the Zanesville Times Recorder, here’s the hands-down winner of the “Botched Headline of the Day” sweepstakes. Note who really thought the state overreacted (bold is mine):

Originally published August 5, 2007

Investigators say state overreacted to data theft

COLUMBUS (AP) - Several state officials told investigators they believed the state was overreacting in its response to the theft of a sensitive computer backup tape, which could now cost $3 million as more individuals sign up for identity-theft protection services, a newspaper reported Saturday.

Budget Director Pari Sabety told investigators there was “a passionate debate” within state government about how to respond to the theft. Some officials, including Sabety, argued that the state’s pledge to pay for the protection services was unnecessary, according to transcripts of interviews from the Ohio inspector general’s office obtained by The Columbus Dispatch.

….. “I believe we were overreacting and overcompensating given the physical attributes of the device,” Sabety said, according to interview transcripts. Sabety added that it was a matter of opinion “over which reasonable people can differ.”

As to Sabety’s claim of overreaction — I cannot think of a single similar instance where the entity that had failed in its responsibility to keep personal data secure didn’t provide a year of protection to those affected — regardless of nature of the device(s) stolen. Not to provide protection would have been irresponsible. Even at that, whether the state really did everything it could to encourage taxpayers and others whose personal information was compromised to obtain the free protection is very debatable.

This news is the latest in what is looking ever more in retrospect like a series of politically timed releases designed to make the Governor look good, as this excerpt from the Columbus Dispatch article referred to in the first excerpt above shows:

Although records show there was debate within Gov. Ted Strickland’s administration about whether such a response was necessary since the odds of accessing the tape are low, the governor says protecting those affected is worth the cost.

“The wise decision is to lean on the side of being cautious,” spokesman Keith Dailey said.

Note how spending taxpayers’ money has turned into an act of gubernatorial nobility. But spending the money only became necessary because of poor data-control and protection procedures on the part of people who work for Mr. Strickland — people who had been warned about the inadequacy of their procedures a couple of months earlier, and who failed to carry out an order to correct the situation!

Spare me.

What spokesmouth Dailey is describing as a “decision” should have been an “automatic response” to do what anyone else would have done anywhere else, and has done everywhere else, without a second thought.

__________________________________________

Previous Posts:
- July 25 — Data-Theft Communication Follow-up
- July 24 — DataGate Post-Mortem: Protection Questions Linger
- July 17 — Ohio Data Theft: An Early-Spring Order to Encrypt Move Sensitive Info Surfaces NOW?
- July 13 — The State of Ohio Data Theft — One More Time: Independent. Investigation.
- June 25 — Ohio’s State Data-Theft Update, Including State Contact Info (PLUS: AP’s Unsolicited Damage Control and Dispatch Whitewash)
- June 22 — W-W-W-Wait a Minute: When Did THIS Data-Theft Number Go Up? (Answer: Maybe It Didn’t It Sure Did)
- June 20 — What the ???? (Ohio Data Theft Update; Time for an Independent Investigation)
- June 19 — What the ???? (Stolen State Data Was NOT Encrypted)