How To Fix The Data Theft Mess: Put The Burden On Data Collectors

from the incentives-are-everything dept

With all the stories concerning data theft lately, the reaction has been typical. Extreme outrage followed by politicians pushing a law that won't actually solve the problem (not that anyone will ever go back and point that out to them). Instead, it would be nice if people started looking at ways to actually deal with the issue. The NY Times is running an opinion piece comparing the situation to the "credit card crisis" in the 1970s, when banks were pushing credit cards on people and criminals were stealing the cards and using them for fraudulent transactions. Congress finally passed a law that limited credit card loss to $50 on a single transaction, and while the banks screamed about how awful this was, the article notes that it actually came back to save the credit card industry. It made people feel safe about using credit cards and it forced the banks to take the issue of fraud much more seriously. So, the article suggests, shouldn't we be doing the same thing, and placing the burden for any fraud committed on the companies that are storing your data? That has to be better than the current set of proposed laws that just tell data collectors to do a better job protecting the data -- without giving them any real incentive to do so.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Obvious personified, 11 Jul 2005 @ 6:39am

    Too Obvious...

    I thought exactly the same thing. Put the responsibility back on these unregulated pricks who have somehow made a business out of selling or most precious asset - our identities. It is amazing to me that we are expected to continually check our credit reports for anything unusual while these companies are allowed to market our data. The opt out doesn't work as so many companies already have our data and continue the trade that even if you opted out of every co your aware of, you'd never know if you'd reached them all. Add to that the fact that they send their credit card offers to people with shaky payment histories and ignore non traditional credit entities. It outrages me everytime I read my email or snailmail to find yet another offer from banks and the credit people to guard my credit info - for a recurring monthly fee of course. Doesn't that sound a bit like a modern version of the old "protection" racket?

    link to this | view in chronology ]

  • identicon
    Pete Austin, 11 Jul 2005 @ 7:52am

    Proxmire was right

    From the original article.

    "Here's what Mr. Proxmire did. First, in 1970, he drafted a bill that banned the practice of "dropping" credit cards on people without their consent. Four years later, he pushed through a bill that limited consumer liability to $50 if a credit card was used fraudulently."
    International Herald Tribune" or New York Times

    The same two things would cure identity theft:
    1) Ban the practice of storing personal data without consent
    2) Limit liability to $50.

    Just limiting liability is not enough, because currently a lot of companies *legally* store your details without your consent, so how can you possibly prove which one is responsible for losses due to identity theft, so you can make them pay up?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 11 Jul 2005 @ 10:59am

      Sue


      CLASS ACTION SUITS !

      The " Lottery " of a new generation ...

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 11 Jul 2005 @ 3:40pm

        Re: Sue

        Naw, our new government has seen to it already that companies will only get slapped on the hand in Class Action litigations.

        link to this | view in chronology ]

  • identicon
    secret squirrel, 11 Jul 2005 @ 5:59pm

    Data collectors.

    Placing any real liability on these leeches only will put them out of business if regulations have any real teeth to them.

    I believe that the only reason that actions such as the credit card solution can be taken is if the actors involved can act to put off the real costs to some large lucrative, easy to milk group, which is what has happend with credit cards.

    Indivduals think they are protected by this, but the fact is that massive fraud is ignored for the most part because the banks don't really pay. Individuals may think they don't pay for this, but the 18 to 21 percent rates they have to pay evenutally for credit could be lower if the banks could get their money and have less fraud to dump on the backs of consumers.

    This is unlikely to happen, because there simply is no real way to find a pool of stuipid or captive money to tap to "pay" for the slipups.

    And they wont be put out of business, because in the end the government really does like to have as many people being watched as possible.

    link to this | view in chronology ]

  • identicon
    Bob, 12 Jul 2005 @ 9:36am

    Don't Tread On Me

    Any such law requiring responsibility from a data collector will run into fierce opposition on Capitol Hill, as it's the U.S. Government itself that's become the biggest client of the aggregators (no need for the government to invade your privacy or tread on your civil rights and upset you, when it can simply pay a 'private' company to quietly do the deed for it)

    Then there's the issue of offshoring. If too many restrictive laws are enacted too quickly, companies may simply take your data to a place where you can't touch them.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.