Should Companies Share Criminal Blame In Identity Theft Caused By Data Beaches?

[mandy]

The act of stealing someone's identity is illegal. Allowing crackers to steal the identity in the first place isn't, but it should be. The most recent case is a doozy: Best Western gave up every piece of data on every customer of theirs since 2007. Note the choice of words -- they gave this information to criminals, whether they meant to or not. Every year, we're treated to several stories of large corporations losing personal information collected from their customers. I wrote about this back in May of last year, and obviously nothing has changed.

I've had to change my credit card numbers several times in the past few years simply because I used them at TJ Maxx and Hannaford stores, both of which managed to give away that information to criminals...

full article: http://weblog.infoworld.com/venezia/arch...18264.html

[BellisimaJ.]

Maybe not criminal responsibility, except for in egregious cases where it can be determined that the company in question was wilfully neglectful.

BUT, certainly, they should have to pay for every single issue related to identities stolen because of their loss of info. They should also be required to provide a service to perform all the myriad tasks required when an identity is stolen, or be prepared to pay hefty fines to the affected individuals.