Comment by clipsy
3 years ago
If you think those fines are strong punishments you are, frankly, delusional. Those figures are a drop in the bucket and are regarded by the companies in question as little more than the cost of doing business. Start putting CTOs in handcuffs and I'll consider it a strong punishment.
Edit: Also, just to be clear, the reason I brought up class action lawsuits is not because I think all punishment will result in remuneration for those affected, but because in those cases the class action lawsuits were the only consequence the companies in question faced.
Yes, I believe fining a company 1-10% of their annual revenue (not profit) is a strong fine (for this kind of crime!). The kind of issues I'm discussing here, involuntary data leaks, we are trying to make them change their ways, not to bankrupt them or have them leave the market altogether. These fines escalate (the next bigger than the previous) and can be repeated as needed, so if they don't change their ways they WILL be fined into oblivion. But the main goal is for them to change the way they deal with data and security.
> Start putting CTOs in handcuffs and I'll consider it a strong punishment.
But we are discussing companies, which take decisions to maximize profit for their shareholders; I would also agree with putting CEOs/CTOs in handcuffs under the right circumstances.