Is It Illegal To Get Hacked?
from the define-reasonable-procedures dept
Tower Records and the FTC have apparently reached a settlement after the FTC accused them of allowing hackers to access customer records. This brings up a very interesting question that isn't often discussed. Since hack attacks to get at customer data happen all the time how does anyone determine whether or not the company itself is negligent in not protecting the data? At what point is it negligence rather than just being vulnerable? If the standard is set too low, then companies have less incentive to protect their data (though, pissed off customers may provide that incentive). However, blaming the victim for being hacked seems to present a lot of slippery slope style questions.