Slashdot Mirror

← Back to Stories (view on slashdot.org)

Equifax Lobbied For Easier Regulation Before Data Breach (wsj.com)

Posted by msmash on from the more-details-emerge dept.

WSJ reports: Equifax was lobbying lawmakers and federal agencies to ease up on regulation of credit-reporting companies in the months before its massive data breach. Equifax spent at least $500,000 on lobbying Congress and federal regulators in the first half of 2017, according to its congressional lobbying-disclosure reports. Among the issues on which it lobbied was limiting the legal liability of credit-reporting companies. That issue is the subject of a bill that a panel of the House Financial Services Committee, which oversees the industry, discussed the same day Equifax disclosed the cyberattack that exposed personal financial data of as many as 143 million Americans. Equifax has also lobbied Congress and regulatory agencies on issues around "data security and breach notification" and "cybersecurity threat information sharing," according to its lobbying disclosures. The amount Equifax spent in the first half of this year appears to be in line with previous spending. In 2016 and 2015, the company's reports show it spent $1.1 million and $1.02 million, respectively, on lobbying activities. While the company had broadly similar lobbying issues in those years, the liability matter was new in 2017.

5 of 104 comments (clear)

  1. They knew by Calydor · · Score: 5, Insightful

    They knew about the breach when they started lobbying for that. LONG before the poor schmucks were allowed to know about it.

    --
    -=This sig has nothing to do with my comment. Move along now=-
    1. Re:They knew by MickyTheIdiot · · Score: 5, Insightful

      The corporate death penalty, i.e. the loss of charter, needs to be a thing. The possibility of all the stock becoming worthless would be a great tool in getting corporations to actually follow the law.

      However since we have a congress that is OWNED by corporations there isn't a way for it to happen.

    2. Re:They knew by MickyTheIdiot · · Score: 5, Insightful

      The executives and management should be held personally responsible

      Though I agree in this case, this is a dangerous line of thinking — not entirely unlike blaming a rape victim for wearing too short a skirt...

      This is the worst simile I have EVER seen on Slashdot. That's saying a lot.

      The corporate CxOs are NOT the victim in this scenario. The corporate worshipers on /. and the Internet love to tell us that the executives deserve huge pay packets because they are responsible. However in *every case* when something happens that hurts thousands of people they are always don't know what happened. Executives hold responsibility and deserve what they are paid or they don't know what is going on and they are overpaid. You can't have it both ways.

      The CxOs were the benefactors of the malfeasance. Calling them rape victim is idiotic.

  2. Hangin's too good for 'em by Rick+Schumann · · Score: 5, Insightful

    You think maybe Equifax is exemplar of all the other credit reporting agencies? I think they might be. I think there needs to be some corporate nutsacks put on the congressional anvil, with liberal application of the judicial sledgehammer over this, to ALL of them. It's bad enough that jackass businesses like Facebook and Google and ISPs are invading our privacy, but companies like these credit reporting agencies MUST BE ABOVE REPROACH AT ALL TIMES OR THEY ARE WORSE THAN USELESS. It is totally, completely unacceptable that this happened at all and it has to STOP.

  3. Re:Just think... by markdavis · · Score: 5, Insightful

    >"Your data wouldn't have been given to criminals if they had invested that $500K in security."

    Actually, according to the summary, they spent at least $2.6 MILLION dollars in just the last 2.75 years, alone. Imagine how much that money COULD have done if they had used it to hire a few good security engineers and made meaningful changes.