I lambasted American Express for its "heady combination of really bad data management strategy, awful customer service and terrible internal communications" because it managed to really annoy me.

This year, I have a selection of contenders for the Golden Turkey (Or "Dinde D'Or" as the French would have it ... I rather like the sound of that).

First up: Heartland Payment Systems, which earlier this year. According to the Open Security Foundation's excellent Web site, Heartland's loss of some 130 million consumer records in January to a hacker who was apprehended in August still stands as the all-time record. I nominate Heartland for lousy security.

The runner-up in this category is IBM and the UK Rural Payments Agency (RPA). According to the RPA, IBM managed to lose two backup tapes containing detailed personal data such as bank details, addresses and passwords on 100,000 farmers in England in May. A total of 39 tapes originally went AWOL, although eventually all but two were found. That was bad enough, but then the RPA neglected to tell the farmers about the loss. IBM and the RPA are nominated for gross negligence.

In February the behavior of the Recording Industry Association of New Zealand (RIANZ), which instigated the passage of Sections 92A and C of New Zealand's Copyright Amendment Act 2008. These sections establish a "guilt upon accusation" principle in the case of suspected music piracy. Quite obviously the RIANZ and the New Zealand parliament are nominated for willful infringement of people's right to due process and very suspicious politics.