Why is it that the more user information you have, the greater the responsibility to protect privacy?

On August 28th, the network broke the news that the user data of Zhu Hua Group's chain hotels was suspected to have been leaked. According to the content released by the seller, the data includes the guest information of Hanting, Joy, Orange, Ibis and other 10 brand hotels owned by Huazhu. The leaked information includes the registration information of Hua Zhu in official website, the identity information of hotel check-in, the hotel room opening record, the guest's name, mobile phone number, email address, ID number, login account password, etc. Sellers package and sell about 500 million pieces of data. In the afternoon, Zhu Hua Group issued a statement saying that it had quickly carried out internal verification and called the police at the first time.

140G contains about 500 million pieces of data and information, involving 654.38+300 million person-times of hotel users of more than 10 brands. Its scale, scope and influence are shocking. Although Zhu Hua didn't respond to whether the leaked information really belonged to the group, from the perspective of third-party security agencies and media detection, "the data is highly authentic".

It is nothing new that hotel user information is leaked. It may not be as big as this time, but there have been many information leaks of a certain scale in recent years. 20 13, 10 June, the domestic security vulnerability monitoring platform "Black Cloud. Com revealed that it claimed to be the largest hotel digital room service provider in China. Because of security loopholes, the opening records of a large number of hotels it cooperated with were leaked to the Internet, involving 220,000 personal information of 4,500 hotels. 2065438+February 2005, seven famous hotels, including Starwood, were exposed that their opening records were leaked, and each hotel leaked more than10 million pieces of data. Other small-scale hotel user information leakage incidents are also exposed by the media from time to time.

In the Internet age, in order to stay in hotels more conveniently and quickly, users have to give up some personal information and privacy, which is required by the real-name registration system and the management department. However, there are also cases where some hotels excessively ask for customer information for their own interests. The more comprehensive the user information, the more accurate the marketing can be. In the era of big data, accurate user information can be described as a rich mine with extremely high gold content.

However, for user information, we can't just collect it without protecting it, but only use it without paying attention to the security of user information. The cost of asking for user information is low, but ensuring the security of massive information requires high cost, which is also the fundamental reason why hotels are unwilling to invest too much in protecting user information. Insufficient investment leads to frequent information leakage incidents.

As far as the suspected information leakage of hotel chain users under the Zhu Hua Group is concerned, although it is uncertain whether the source of the leakage is internal or hacker attack, there are obviously loopholes in protecting users' information security. Such a large amount of information disclosure is not only a great consumption of the reputation of the group, but also more likely to lead to more secondary disasters, such as the loss of users' personal and property safety and the violation of users' privacy. Therefore, Zhu Hua Group must attach great importance to this crisis and thoroughly investigate it. No matter which link goes wrong, you can't avoid your responsibility, but you should take the initiative to rectify and introduce detailed and targeted after-care measures.

This kind of rectification must be real, not superficial to deal with public opinion, and use so-called public relations skills to ease public opinion. In this regard, Didi's lessons can be described as profound, and the rectification has not been implemented, leading to the recurrence of passenger killings. The consequence is that Didi will go offline indefinitely. I hope Zhu Hua Group can learn from it and not repeat the same mistakes.

To ensure the information security of hotel users, in addition to fulfilling their responsibilities, the management department should also make more efforts. On the one hand, by strengthening pre-management, in-process inspection and post-punishment, it helps hotels to compact the main responsibility; On the other hand, it is necessary to clarify the boundaries of hotels asking for user information and prevent excessive asking for user information from becoming a common unspoken rule.

As the victims of information leakage, hotel users must also improve their awareness of information self-protection. When you register as a member and check in, you must carefully check the relevant terms to avoid the hotel asking for personal information excessively. Once information is leaked, we should dare to defend our rights. If every time user information is leaked, the hotel will only be questioned by public opinion for a short time, and will not face large-scale user claims and voting with their feet. They will inevitably lack the pressure and motivation to improve the security of users' personal information. In this way, the information leakage incident will inevitably be staged again.

Source: China Youth Daily