In my last post on the future (or lack of it) of air travel, I noted that all personal electronics - including laptops - are being banned from carry-on luggage on the premise that they can be used to remotely trigger bombs. What I didn't mention, since it would have amounted to a major (if not augmented) digression, was the way in which this method of reducing risks on the plane is likely to lead to increase risks after landing.
And no, I'm not talking about the Air Rage likely to result from being stuck, with no form of diversion, on a transatlantic flight in the center seat between a colicky baby with the lungs of a Wagnerian soprano and a chatty insurance salesman from Topeka. What I'm talking about is the risk of damage to or theft of those laptops in the checked baggage.
I'm hardly the first person to think of this (or anything else, for that matter). Computerworld ran an article on the problem back on August 10th, along with some very common-sense advice on how to minimize the fallout from breakage (such as backing up data on a regular basis) and theft (encryption and password protection).
That advice is also, I'm afriad, very timely.
A new survey of 500 information security professionals by Ponemon Institute LLC (reported in Computerworld once again) informs us that "eighty-one percent of companies surveyed reported the loss of one or more laptops containing sensitive information during the past 12 months". Eighty-one percent. Worse yet, 97% of stolen laptops are never recovered.
And this happened before the new restrictions went into force. Anyone care to guess what's going to happen in the next twelve months? Corporate spin machines are probably being primed with a fresh load of excuses, diversions, fabrications, obfuscations and some good old-fashioned hooey even as this is written.
It makes the recent flap over recent laptop losses at the Veterans Administration and the Navy look less like an aberration and more like business as usual - especially when you add in the recent loss of two laptops containing "names, addresses, birthdates and Social Security numbers of about 133,000 Florida residents" as well "fraud case files involving government contracts and grants" by the Department of Transportation. Is it any wonder that identity theft "remains the #1 concern among consumers contacting the Federal Trade Commission", according to the Identity Theft Resource Center?
What we have here, in short, is another instance of the law of unintended consequences. In attempting to reduce the risk of terrorist attacks, we increase the risk of laptop theft. That increases the risk of stolen identities, which can, in turn, be used by terrorists and other criminals to achieve their nefarious ends.
Are there steps we can take to minimize those unintended consequences? Certainly. Are we here in the USA likely to take them? Probably not. But that's a subject for a future blog entry.