Banks Should Keep Your Data as Safe as Your Money

From the New York Times:

Citigroup’s revelation that hackers stole personal information from more than 200,000 credit card holders makes it one of the largest direct attacks on a major bank.

….Details remain scarce, but the disclosure of the Citigroup breach on Thursday quickly turned into a debate on whether the banks and major credit card companies had invested enough money to safeguard the personal information of their customers.

….“We’re not dealing with 14-year-old hacker kids,” said Steve Elefant, the chief information officer at Heartland Payment Systems, which overhauled its security measures after the systems it used to process credit and debit card transactions were hacked in 2008. “We’re talking about 21st-century bank robbers — sophisticated, organized criminal gangs, located mostly in Eastern Europe and the U.S.”

….Big credit card lenders are loath to acknowledge another reason that the breaches keep happening: they are in the business of reducing the financial losses stemming from fraud, not preventing data theft in the first place. As a result, analysts say, they have devoted the bulk of their resources to trying to stop fraudulent transactions from occurring.

Banks might indeed be loath to admit it, but the Times delicately hints at the reason this keeps happening: banks don’t care. And the reason they don’t care is because there are no serious penalties for these kinds of breaches and consumers have no ability to sue over them. What’s more, it’s consumers who end up having to clean up the mess if the hack results in ID theft or some other kind of fraud, not the banks. So why bother?

This is something that really ought to be a bipartisan outrage. Banks and other financial players don’t care very much about this stuff because they don’t have to pay much of a price for things like ID theft and data breaches, but they’d start caring if Congress passed legislation that made them responsible for these costs. That’s what Congress did in 1968 for credit card fraud, and banks started figuring out clever ways to reduce fraud mighty quickly. Make them responsible for data breaches and I’ll bet they’d figure out how to reduce those too. Alternatively, we could just pass some heavy-handed rules, as Europe has done. One way or the other, though, banks should be responsible for the cost of their own mistakes. That’s really not something that Republicans and Democrats should have much reason to disagree about.

DOES IT FEEL LIKE POLITICS IS AT A BREAKING POINT?

Headshot of Editor in Chief of Mother Jones, Clara Jeffery

It sure feels that way to me, and here at Mother Jones, we’ve been thinking a lot about what journalism needs to do differently, and how we can have the biggest impact.

We kept coming back to one word: corruption. Democracy and the rule of law being undermined by those with wealth and power for their own gain. So we're launching an ambitious Mother Jones Corruption Project to do deep, time-intensive reporting on systemic corruption, and asking the MoJo community to help crowdfund it.

We aim to hire, build a team, and give them the time and space needed to understand how we got here and how we might get out. We want to dig into the forces and decisions that have allowed massive conflicts of interest, influence peddling, and win-at-all-costs politics to flourish.

It's unlike anything we've done, and we have seed funding to get started, but we're looking to raise $500,000 from readers by July when we'll be making key budgeting decisions—and the more resources we have by then, the deeper we can dig. If our plan sounds good to you, please help kickstart it with a tax-deductible donation today.

Thanks for reading—whether or not you can pitch in today, or ever, I'm glad you're with us.

Signed by Clara Jeffery

Clara Jeffery, Editor-in-Chief

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate

Share your feedback: We’re planning to launch a new version of the comments section. Help us test it.