IRS Leaves Taxpayer Data Largely Unprotected
LogError writes "Two weeks ago, Department of Treasury received a D-minus grade in the Federal Computer Security Report Card for 2005, down from a D-plus grade in 2004. The majority of Treasury systems are those belonging to IRS. The government-wide computer-security grade for 2005 was D-plus, while Homeland Security and Defense both received an F. Grades are based on reports submitted to Congress by the agencies; the reports are required under the Federal Information Security Management Act of 2002.8 The scores are meant to reflect whether departments meet federally mandated security standards."
Here's a question. What does it cost the IRS if taxpayer data is stolen?
Oh yeah. Squat. Why *should* they care? It's no skin off their back.
If our government wanted to make sure this didn't happen, they'd fine the IRS every time there was a security breach. In fact, they'd fine the IRS just for having bad security. And then things would improve.
'Course, in reality, why would they do that? There's no reason our government would want to hurt the IRS in any way.
Really, what should be happening is the people of America suing the IRS for not guarding our information properly. I wonder how *that* lawsuit would go.
Here's the fundamental issue: If you want someone to behave in a certain way, you have to make it worth their while. Right now the IRS has no incentive for keeping our info safe. Want to change that? Change it at the source.
Breaking Into the Industry - A development log about starting a game studio.