There’s been yet another data breach – this time it’s JPMorgan Chase. I'm fed up. Companies need motivation to address the hacking problem, and the liability of our accounts and personal data does not seem to be enough.
I have railed against this for months so it is time to put up or shut-up. So here goes. I created a Whitehouse.gov petition and I am asking everyone to sign it. This petition reads as follows:
WE PETITION THE OBAMA ADMINISTRATION TO:
Personal data must be protected by large organizations
Personal data including but not limited to home address, HIPAA data, Social Security Numbers, bank and credit card numbers must be protected by organizations with over 1000 employees. If the data is not protected and is lost for any reason, the organization becomes responsible for that loss with no exclusions and no liability limits.
Long Past Time for a Change
Apparently companies do not care enough about our data to protect it, nor do these companies seemingly want to accept liability for their incompetence. The number of people at risk in the U.S. is staggering and yet resources and security practices are not being followed or enforced.
It's time that the liability falls directly on these companies with unlimited time length and unlimited backend costs. Only when the cost of losing data exceeds the cost of protecting data will anything likely change. It falls upon us to either put up with this weekly – or sometimes daily – list of what company lost what data – or shut up. Of course I am not naïve enough to think that this petition will do much of anything, but you never know.
I am very tired of hearing about this issue, when I know much of the issue is one hundred percent solvable with the right amount of motivation and the right amount of resources applied. My grandfather would never let us say “shut up” as kids because in his generation it was a bad word, but he was born before the outbreak of WW I. I never thought I would be putting it in print. But groups of people railing about something seems to get the attention of the press. And guess what? It’s an election year and we are about one month away. Put up or shut up. I put up. Please help.
Photo courtesy of Shutterstock.
Labels: cybersecurity,data security policy,data security practices
posted by: Henry Newman