- While the U.S. Department of Justice came to the conclusion that the Chinese military hacked into Equifax's credit reporting service, it did the broken usa political system that made such a hack possible.
- A combination of lobbying and ideological inflexibility has made it impossible for Congress to pass a good federal law on data protection and cybersecurity.
- The Americans choose politicians who let other countries steal our things. And some people seem to agree.
- This is an opinion pillar. The thoughts expressed are those of the author.
- Further information can be found on the Business Insider homepage.
According to the Department of Justice, Chinese hackers broke into the Equifax credit reporting service in 2017 and stole millions of Americans' personal information from one of the worst security breaches ever. According to the DOJ complaint, they used a vulnerability in the website to resolve disputes within the Equifax system.
Of course, that alone is worrying. But what's worse, it was American corruption that made it easy.
You better believe that China is trying to steal your things
China doesn't just use its military to do this Steal business secrets, It is also used to steal anything that could be used to put pressure on a US citizen. For example, it has been accused of stealing personal information from millions of government employees in 2015, The Chinese authorities have taken extensive surveillance measures, as evidenced by the massive surveillance state they have set up in their own country. They believe that data is power.
This is why it is so annoying that the US government has been so impeccable in protecting our data. Tech companies have been around for years Lobbying against data protection and cyber security laws at the federal level, And that, in combination with a republican party conquered by a religious anti-regulatory mania, basically left the Chinese military with a key to intruding and looting an American company directly.
In addition, carelessness of companies in situations where data is breached is not punished, so stupid behavior cannot be excluded. Equifax stock hit a beat after announcing hacking (two months after it happened, I might add), but has since fully recovered and a few more. The injury was a slip.
The stock and the company also entered into an agreement with the Federal Trade Commission for $ 575 million last July, And in the quarter after the violation was announced. Equifax had quarterly sales of $ 875.7 million, up 5% year over year. The company made more money in 2018 than in 2017 and 2017 more than in 2016.
No harm, no foul, no incentive for companies to review their security behavior.
The same thing happened when Facebook paid a $ 5 billion fine for his data breaches. In the quarter before the fine was announced, Facebook had sales of $ 15 billion and had already set it aside $ 3 billion for the fine, If the government wants companies to change their behavior, it may want to impose some penalties that do matter.
That is how it goes
Data protection and cyber security laws in this country are a mess, and that makes it easier for companies to handle our data carelessly. States have a number of laws that require companies to report security breaches at a specific time, take data protection measures, and allow attorneys general to file claims for damages and take financial remedial action.
And when those laws get tough, like California’s consumer privacy law, tech companies – and yes, Equifax will tell you it’s a tech company – go into hyperdrive and try to weaken it, This is done in part by restricting what should be considered personal data and thus restricting when and for what consumers can assert their rights to retaliation or legal protection.
At the federal level, the rules on cybersecurity and data protection were thrown back by a double strike in lobbying and ideological intransigence. Take the case of GOP Senator Ron Johnson from Wisconsin, who is now chair of the Senate's Committee on Homeland Security and Government Affairs. As Politico reportedJohnson has repeatedly blocked efforts to better protect our data.
In 2012 Johnson basically torpedoed bipartisan data protection and cyber security laws based on the fact that it was a regulatory overexertion and bad for businesses.
He continues to make this argument in his committee, blocking legislation on everything from election security to spread encryption on personal devices. It doesn't matter what the question is; The answer is no. "Johnson and his team spent so much time looking for businesses that they had little time to think about the impact on voters.
While Congress is addressing the question of whether American technology companies should be held accountable for undermining public trust in everything from basic research to democracy, the Chinese have already decided what they will do.
They will take advantage of the lack of consensus in Washington to build a database of information about every American. You will then find out which ones are easy to exploit, apart from the obvious traces on Capitol Hill.
The lack of ideological or political flexibility that prevents us from addressing this intrusion is an American problem. We can either vote for politicians who are able to stand up to business, cooperate and compromise, or we can let people like Johnson open the door and let the Chinese military come in to steal our things.