
Every time one of these garbage companies sends me a letter telling me they lost my information in a breach but don’t worry they are giving me FREE CREDIT MONITORING!!1! they should have to put $50 inside.

I think that would go a long way towards solving the problem.




Credit monitoring is really an indictment of the entire system: “if our negligence combines with someone else’s negligence, you might find out sooner”


A large group of Americans instead view this as proof that capitalism is working. (I’m not one of them.) Checks and Balances, never mind that we lack the leverage to extract more than “credit monitoring and lawyers get paid” or that it requires a civil judiciary that we pay for.


I don’t think lawsuits as a regulatory mechanism is an intrinsically unworkable idea, but clearly the system as it stands isn’t working very well.


Yes, the companies funding the libertarian movement have gotten their money’s worth back many times over. One of the most obvious examples of why this isn’t sufficient is that the arrangement is unilateral and there’s no practical way to opt-out of binding arbitration (which should be illegal) or to negotiate a price based on actual damages.


No. That would just put a market price on your dignity. Fifty bucks is so cheap that they'd happily pay you that.

Please forgive me... I don't mean this as a personal insult; but a better system would be where you get fined $50 for being stupid enough to give them the data in the first place.


> where you get fined $50 for being stupid enough to give them the data in the first place.

So … you don’t use banks, utilities, phone companies, healthcare, etc. and don’t apply for or accept non-anonymous jobs? This isn’t optional in many cases, which is why it really needs to be covered by legislation which shifts the cost to the company collecting that data.


A better system would be one where the company paid a fine starting at $500 per record. Also, not all consumers who have had their data stolen gave it to the organization willingly.


Completely agree on this. A company-killing level of fine, based on number of records exposed, is appropriate. Then the insurance companies would not insure companies unless they passed stringent audits around best practice and data hygiene.


There ought to be case studies about TransUnion in the same classes in business schools where they discuss Bear Stearns.


I’m no more insulted than if you told me I’m a fool because I don’t live in a cave in the Himalayas chanting mantras. Our visions of a life well lived are too different for you to be able to insult me.


> Our visions of a life well lived are too different

Well that didn't come over as humorless, tone-deaf, pompous or over-sensitive at all, thank goodness. I'll just get back to grunting and waving a jaw-bone in my cave, eating grubs and worms and smearing myself with my own faeces, then, shall I?


Matthew 7:3-5


It depends. Some industries would be able to happily pay that. Others have tight enough margins that they might feel real impact. Even 1 million users x $50 is a huge sum for most companies.



