How To Fix The Data Theft Mess: Put The Burden On Data Collectors
from the incentives-are-everything dept
With all the stories concerning data theft lately, the reaction has been typical. Extreme outrage followed by politicians pushing a law that won’t actually solve the problem (not that anyone will ever go back and point that out to them). Instead, it would be nice if people started looking at ways to actually deal with the issue. The NY Times is running an opinion piece comparing the situation to the “credit card crisis” in the 1970s, when banks were pushing credit cards on people and criminals were stealing the cards and using them for fraudulent transactions. Congress finally passed a law that limited credit card loss to $50 on a single transaction, and while the banks screamed about how awful this was, the article notes that it actually came back to save the credit card industry. It made people feel safe about using credit cards and it forced the banks to take the issue of fraud much more seriously. So, the article suggests, shouldn’t we be doing the same thing, and placing the burden for any fraud committed on the companies that are storing your data? That has to be better than the current set of proposed laws that just tell data collectors to do a better job protecting the data — without giving them any real incentive to do so.
Comments on “How To Fix The Data Theft Mess: Put The Burden On Data Collectors”
Too Obvious...
I thought exactly the same thing. Put the responsibility back on these unregulated pricks who have somehow made a business out of selling or most precious asset – our identities. It is amazing to me that we are expected to continually check our credit reports for anything unusual while these companies are allowed to market our data. The opt out doesn’t work as so many companies already have our data and continue the trade that even if you opted out of every co your aware of, you’d never know if you’d reached them all. Add to that the fact that they send their credit card offers to people with shaky payment histories and ignore non traditional credit entities. It outrages me everytime I read my email or snailmail to find yet another offer from banks and the credit people to guard my credit info – for a recurring monthly fee of course. Doesn’t that sound a bit like a modern version of the old “protection” racket?
Proxmire was right
From the original article.
“Here’s what Mr. Proxmire did. First, in 1970, he drafted a bill that banned the practice of “dropping” credit cards on people without their consent. Four years later, he pushed through a bill that limited consumer liability to $50 if a credit card was used fraudulently.”
International Herald Tribune” or New York Times
The same two things would cure identity theft:
1) Ban the practice of storing personal data without consent
2) Limit liability to $50.
Just limiting liability is not enough, because currently a lot of companies *legally* store your details without your consent, so how can you possibly prove which one is responsible for losses due to identity theft, so you can make them pay up?
Re: Sue
CLASS ACTION SUITS !
The ” Lottery ” of a new generation …
Re: Re: Sue
Naw, our new government has seen to it already that companies will only get slapped on the hand in Class Action litigations.
Data collectors.
Placing any real liability on these leeches only will put them out of business if regulations have any real teeth to them.
I believe that the only reason that actions such as the credit card solution can be taken is if the actors involved can act to put off the real costs to some large lucrative, easy to milk group, which is what has happend with credit cards.
Indivduals think they are protected by this, but the fact is that massive fraud is ignored for the most part because the banks don’t really pay. Individuals may think they don’t pay for this, but the 18 to 21 percent rates they have to pay evenutally for credit could be lower if the banks could get their money and have less fraud to dump on the backs of consumers.
This is unlikely to happen, because there simply is no real way to find a pool of stuipid or captive money to tap to “pay” for the slipups.
And they wont be put out of business, because in the end the government really does like to have as many people being watched as possible.
Don't Tread On Me
Any such law requiring responsibility from a data collector will run into fierce opposition on Capitol Hill, as it’s the U.S. Government itself that’s become the biggest client of the aggregators (no need for the government to invade your privacy or tread on your civil rights and upset you, when it can simply pay a ‘private’ company to quietly do the deed for it)
Then there’s the issue of offshoring. If too many restrictive laws are enacted too quickly, companies may simply take your data to a place where you can’t touch them.