It needs to be illegal to collect that data in the first place. Without a law that affects all manufacturers, the ones that don't do it will be at a disadvantage. The free market can't fix this because it is a variation of the tragedy of the commons.
I would prefer there to be a law that severely punishes any company that has a data breach. Back in the early 2000s, when the RIAA started suing people for sharing music online, the courts in one case finally landed on a value of $9,250 per song shared as a reasonable fine. I think that might be a good number to start with when a company shares (purposefully or not) someone's data without that person's permission.
That would put Volkswagen's fine at $7.4 billion, which I think should help convince companies that they should really only collect and store data that they absolutely need... and to make securing that data a top priority.
Take it one step further though. The fine shouldn't be calculated per customer, but per piece of data. So name, phone number, and address would be 3 pieces, and every GPS data point is another piece.