Comment by franciscop

Yes, I believe fining a company 1-10% of their annual revenue (not profit) is a strong fine (for this kind of crime!). The kind of issues I'm discussing here, involuntary data leaks, we are trying to make them change their ways, not to bankrupt them or have them leave the market altogether. These fines escalate (the next bigger than the previous) and can be repeated as needed, so if they don't change their ways they WILL be fined into oblivion. But the main goal is for them to change the way they deal with data and security.

> Start putting CTOs in handcuffs and I'll consider it a strong punishment.

But we are discussing companies, which take decisions to maximize profit for their shareholders; I would also agree with putting CEOs/CTOs in handcuffs under the right circumstances.