JDPFu.com 2025

It is really simple to end all the personal data leaks that we read about all the time, make the penalty of the leak so high that no company would ever allow it to happen. Further, make the fine be paid directly to the impacted persons, so it isn’t the class action lawyer or some neutral party being paid.

A few years ago, my college leaked 20,000 transcripts on the internet. Mine was not one of the leaked, but if I were going to cost $2,000, per instance, for the fine, I suspect my University would be more careful. That fine would have cost them $40M. Yep, they wouldn’t leak anything, that’s for certain.

There are a number of systems out now that are known to leak private data, MySpace, Facebook, and Paypal are constantly found to be deficient with security practices. If there was a $2,000 fine for each failure, I bet they’d fix it or refuse all private data. Or, they’d go out of business, which would give them an opportunity to come back with better security after bankruptcy. Further, venture capitol would demand excellent security processes to prevent any private data breaches.

How is any of this bad? I suppose the companies (slime?) who make money offering bogus privacy insurance would be harmed. They would convert into audit companies or fold. I suspect lawsuits against Microsoft for common program breaches would increase, forcing them to create a secure OS if they wanted to retain customers. I can get behind that. The people and companies certifying private data won’t be leaked will be held accountable if their system fails too.

Is financial data the only private data or is anything not found in either the telephone book or government documents to be considered private? Is there an expectation of privacy for all other information that should be protected?