A business opportunity for somebody...

[jducoeur]

I wonder if there are any companies with the security and publicity smarts to offer a "Safe to Shop Here" logo for big stores? Given the TJX debacle (and the new news that people who shopped at TJX stores are having their identities stolen), I expect the public to start at least fractionally noticing information security as a concern. That would seem to create a business opportunity for someone to come out with a "Certified Secure" label for stores, the same way they're trying to build a "Guaranteed Organic" label that consumers recognize. Like that, only a fraction of the public would notice, but that fraction is likely to be passionate about it.

Not an easy task: the company would have to have the security chops to conduct really good security audits, and have the marketing machine to convince the public that they really are holding these companies to account. But it would seem like a way to print money if they could pull it off: it could become a significant competitive advantage to have your store certified by them (assuming they managed to get the public to pay attention to the label), and the space is pretty big.

(Devil's advocate: doing this without major legal exposure would be tricky -- the company couldn't afford to *guarantee* the security, just establish that their customers are following good enterprise-grade practices...)