Maybe It is Not that Different
Just think of three different classes of data. Medical data covered by HIPAA and HITECH, credit data covered by the F.A.C.T. Act and criminal data covered by CJIS. Despite the need for some people to be able to access this data, thiese laws should be protecting the public. However, "sharing" issues have made it a mockery. We should be notified if ANY of our data is kept accessible through the Internet (such as on public cloud services. Could you sleep at night knowing almost all of your creit card numbers, security codes, experation dates and name-on-the-card are kept somewhere when any employee (U.S. or otherwise) can view the data? It's the same with medical data and with criminal data (arrest records even without a conviction?).
