glen-martin
Data Theft: It's the victim's fault, right?
posted Thursday, 30 June 2005
A new bill before the US Senate aims at the theft (or sometimes loss) of personal information. The proposed bill would reportedly impose restrictions on what information can be gathered and how it might be shared.
More interesting to me, though, are some other features. One of them is the creation of a regulatory infrastructure around so-called "data brokers". More interesting still: rewrite computer crime laws to create new penalties - somewhat amusing since the thefts are already illegal.
Both of these provisions seem only about increasing the cost of doing business, and the penalties levied against witless companies when their information is stolen. The fines may be covered by business insurance, and either way will eventually just find their way into fees charged to customers. If a bank loses some information, expect the spread between savings and lending rates to increase. In fact, since I expect the companies will go the insurance route, expect them to increase prices now to cover their increased business insurance premiums.
Why shouldn't prices go up to cover this? The victims - those who suffer identity theft - are the guilty parties, right?
No, none of this makes any sense to me. The only winners here are the trial lawyers.
Forget the monetary penalties. Instead make violators inform their customers and prospects of their procedural violations and thefts each and every time they ask for more information. That'd solve the problem in a heartbeat - either by driving customers away and forcing companies to fix their policies, or by driving customers away and companies out of business.
More interesting to me, though, are some other features. One of them is the creation of a regulatory infrastructure around so-called "data brokers". More interesting still: rewrite computer crime laws to create new penalties - somewhat amusing since the thefts are already illegal.
Both of these provisions seem only about increasing the cost of doing business, and the penalties levied against witless companies when their information is stolen. The fines may be covered by business insurance, and either way will eventually just find their way into fees charged to customers. If a bank loses some information, expect the spread between savings and lending rates to increase. In fact, since I expect the companies will go the insurance route, expect them to increase prices now to cover their increased business insurance premiums.
Why shouldn't prices go up to cover this? The victims - those who suffer identity theft - are the guilty parties, right?
No, none of this makes any sense to me. The only winners here are the trial lawyers.
Forget the monetary penalties. Instead make violators inform their customers and prospects of their procedural violations and thefts each and every time they ask for more information. That'd solve the problem in a heartbeat - either by driving customers away and forcing companies to fix their policies, or by driving customers away and companies out of business.
comments