Member-only story
Featured
SECURITY
We Should Have a “You Got Hacked, You Pay” Law
Because hacked victims deserve protection, not paperwork
A few years ago, my wife had a bad fall that required an ambulance. Later, we learned the ambulance company had been hacked, and her personal information, along with many others, was stolen. Lawyers jumped in with a class action suit, and it’s now been settled.
In my state, my wife has a choice. She can take a $50 flat settlement and agree to never sue the company, or she can reject the offer and retain that right.
The $50 Problem
Obviously, $50 is poor payment for identity theft. However, if her identity were stolen at some future time, how could she ever prove it was a direct result of this specific breach? With so many sites having been hacked over the years, many of us have been exposed multiple times — identifying which site was responsible would be very difficult. Additionally, sites may have been hacked without ever knowing or disclosing it!
The current system doesn’t protect consumers — it protects lawyers and insurers. When so many companies have been breached, proving where the data leak came from is like proving which raindrop made you wet.
