The latest massive breach of USA citizen’s private information by poorly run companies once again shows how we are voting for the wrong type of people. We need to start electing people that fix problems instead of watching things burn.

It is not impossible to improve if you elect people that care about making things better. If you elect people that are driven mainly by doing favors for those giving them cash you get the system we have now.

I believe in designing systems that use markets to create the best solutions to desired outcomes (this is the basic idea of real capitalism – instead of the crony capitalism we have been infected with). Europe has much more respect for citizen’s privacy that the USA does. Europe has much more effect laws on protecting citizen’s privacy. For decades the 2 political parties in the USA have taken large cash donations (and more, future cushy jobs…) to allow the current system to punish citizen’s as their private information is abused and they are expected to spend their time and resources to fix the problems created by the identity theft the lack of decent systems in the USA to stop identity theft. And the design by the 2 parties to put the cost of dealing with it on voters and the benefits (of selling private consumer information and using poor security practices to create problems that voters have to clean up) to those giving the parties cash.

We need to stop voting for such corrupt parties and such poor representatives of our interests (though they are very good representatives of those paying them cash).

So what is a simple starting point for taking the burden of dealing with the easy identity theft our political parties and companies that don’t care about the costs of their sloppy practices on society are?

1. Force those approving false credit to pay. Anytime you have to fix credit given falsely in your name they must pay you. Say, $1,000 minimum.
2. Force those providing false information about you to pay. If credit bureaus report false information about you that you must correct it is $50 if it is fixed within 7 days of a simple internet form being completed. If it takes 30 days the cost is $150. If they require you to provide additional information, additional costs accrue. They must provide your the original documentation on the loans.
3. Give consumer automatic and free control over the use of their private information.
   Obviously, credit freezes, and managing that status must be free.
4. Any organization that collects private financial information must have liability insurance. That insurance will automatically pay per security breach. For name + SSN ($150) + Date of birth ($20) + cell phone number ($20) + current address ($100) + credit card number ($50) + email address ($10) + mother’s maiden name ($25), etc. If you do not collect SSN, credit card number, cell phone number or current address this will not apply. I haven’t given it any thought, but there should be some level of private information that pushes you into the category of the organization that must have liability coverage (what that is can be worked out).
5. The funds for those security breaches are paid to the Consumer Financial Protection Bureau and used to
   • create better security practices for private information
   • fund enforcement of those better security practices
   • fund law enforcement investigations and criminal prosecution of those abusing private financial information

This idea needs to be expanded beyond my 1 hour of thinking about it, but it is sad that in 1 hour I can think of much more effective ideas than our political parties have put in place in 20 years.

The reliance on SSN as a identifier for people is something that shouldn’t have been allowed. It is one of many things that should be fixed and it should be fixed quickly.

The organization created here needs to focus on privacy of data. They need to encourage the use of encryption. They need to be given a seat at the table to counter those seeking to promote hacking (both leaving insecure software in place and creating insecurity in the software ecosystem to exploit and be exploited by criminals and other states) to benefit state sponsored spying. That debate will result in tradeoffs. Sometimes they will decide to allow our private information to be put at risk for other benefits. But they need to accept the responsibility of doing so. It would likely be sensible to charge the departments leaving open security holes and creating security holes anytime it becomes obvious that they are responsible for the harm to us. Otherwise they pretend there are not costs to the very bad security practices that our government has been encouraging (even as crazy as it sounds building backdoors into software – which is a security disaster obviously).

Other than the extremely sad state of affairs in health care in the USA (with the Republicans focusing on making it much worse) the biggest threat to our personal finances is likely the lack of security in our financial system (though to be fair there are other plausible candidates – very high debt level…).

Related: Protecting Your Privacy and Security (2015) – Making Credit Cards More Secure and Useful (2014) – Governments Shouldn’t Prevent Citizens from Having Secure Software Solutions USA Congress Further Aids Those Giving Them Cash Risks Economic Calamity Again – Security, Verification of Change – 8 Million New Potential Victims of Identity Theft (2008)