It seems like companies only get the message when there’s jail time involved. None of the companies would freeze my credit since their web sites said some unspecified value couldn’t be verified for me, despite confirming my data was indeed lost. Pretty sure, like other regulations that include jail time, this wouldn’t have happened or their website to freeze my credit would have worked.
I agree. Until someone's ass is on the line, and I mean in terms of prison time and not merely their job, the rational thing to do for a shitty company that never cared for its customers is to continue with that approach.
Just wanted to make the distinction that we are not the customer therefore, expectation to be treated as a customer are not going to be met. I was highlighting the frame of thinking and context that one should be using when thinking about their relationship with such entities. I could have delved deeper and specified that it is actually aggregate data, about us that is the actual product. My main point (which granted I could have been more clear on), was to emphasis that expectations will not be met if one thinks of themselves as a customer to a credit reporting agency. That is unless they work as an agent of an entity extending credit to consumers.
It was not my intention to be rhetorical nor to cast moral judgment, rather just to highlight that the relationship is different than that of a customer/business relationship.
Totally agree. Courts also need to be less hesitant to disband corporations that break laws or court orders. Too big to fail should go the way of the dodo.
I also tried to freeze my credit and their website required me to put something in the mail. I did, including sending copies of various documents, and never got any response. I have the same issue with one of the credit reporting bureaus. They refuse to give me my legally required free credit report despite multiple attempts and mailings.
I would have to get an actual lawyer with a lawyer's letterhead for them to care, probably. I don't really want to spend hundreds of dollars to get my free credit report.
I disagree, but I want to be clear that I disagree on practical, not ideological, grounds. As others have pointed out, handing out prison sentences for security breaches would be counterproductive. If we make it financially ruinous, companies are more likely to change their behavior in the way we want then to.
Why is Hacker news so obsessed with sending people to jail? Literally every time any sort of corporation get's fined (for nearly anything), there is a loud call to send people to prison.
It's like there is this undercurrent of bloodthirstiness and hatred for large companies and their leaders that get's brought to the surface.
Because many times, the default "punishment" is a fine that is often times a _small percentage_ of the _profit_ from the illegal/negligent act.
That is not a punishment, or even a deterrent. And therefore, corporate leaders continue, unabated, doing things like this. Because there is effectively zero incentive to do so.
If you are a corporate officer, directing and / or approving policies that are illegal, tell me why you should -not- go to prison?
> If you are a corporate officer, directing and / or approving policies that are illegal, tell me why you should -not- go to prison?
You should and the law allows for this. Certain crimes will get corporate executives locked up. It's a matter of making stricter liabilities and sentences for these white collar crimes, which really should have happened yesterday.
I absolutely agree. I was addressing the parent, more - and their question of "why does HN have this obsession with sending people to prison for corporate/white collar crimes?"
Because frankly wealthy, successful, rich people like those leading equifax (and many other major corporations) are not punished in the same way normal people are.
>Why is Hacker news so obsessed with sending people to jail? Literally every time any sort of corporation get's fined (for nearly anything), there is a loud call to send people to prison.
Because that is the default response to poor people, yet corporations don't have the same threat. They effectively become immune to the law as long as they are willing to pay the extra tax.
Jail time means a lot to people who usually commit high-stakes white-collar crimes since they have a lot to lose in those cases. A very material risk of facing it would definiely help prevent others from committing those crimes.
If you slap them in the wrist and let them carry on with a fine it makes it very easy for a psychopath to just risk it.
If you read the post, the question is how to change the behavior, and in the US would be white collar criminals are dissuaded by jail. We could give them a social score too, that seems to work in China.
Maybe not jail time but I would really want the board to be personally responsible for what they did. Or, if they can argue that they made sure their corporation had a good security culture, the executives who broke the company regulations need to be personally responsible.
Seriously, someone needs to be rehabilitated from this before they can be sent back into society. After someone gets out of jail from grand theft auto they need to understand that what they did was wrong and treating people like that hurts them. I’m not saying the executives need jail time and emotional trauma, but at least some sort of therapy where they’re confronted with the fact that doing this stuff with a hundred million people is not nice and has consequences. They should fundamentally rethink their lives and what brought them to do such a careless thing with people’s data, just like a convicted felon.
Edit: made it clearer that I meant the decision makers, not all owners.
