The message–that’s what I’m talking about–who’s gonna get the message first?
Data breaches, hacking, and privacy are one of the biggest news stories for 2011 and we are just just barely through the first half of the year. By now even the most zoned-out among us should have heard of the hacking that led to data breaches by businesses like Sony, Citigroup, and Lockheed Martin. The list of companies that have been hacked seems like the Who’s Who of the business world. Some reports even estimate that 90% of businesses have been hit by security breaches.
This is a big issue. Very big.
And you would think that business leaders would understand that their businesses could also be at risk for such a data breach and, if it were to happen, expose the business to significant liability under various data breach notification and privacy laws in many states. The hacking and data breaches are still happening, however. People’s personal information is still getting exposed and nothing seems to be slowing the hackers down.
Why? Can they not stop this?
Is it impossible for businesses to prevent these data breaches? Is it perceived as being too expensive? Too troublesome to bother with? Is it really? How about I tell you a story that may demonstrate why it is definitely worth the trouble?
Have you ever heard of the Ford Pinto? The car itself isn’t nearly as important as what it stands for in legal history: big punitive damages awarded by an angry jury.
The Pinto was an economy car that Ford built back in the 1970s that had one major problem:It exploded on impact. The structural design of the Pinto allowed the fuel tank filler neck to break off and the fuel tank to be punctured in rear end collisions which would occasionally cause deadly explosions. The even bigger problem according to the “Ford Pinto Memo” was that Ford knew it. Because it would cost $11 per vehicle to redesign Ford used a cost benefit analysis to determine that it would cost less to defend against wrongful death lawsuits stemming from such explosions of the car and consciously chose not to fix it.
In the case Grimshaw v. Ford Motor Co., Ford was sued over such a death and the jury, learning of Ford’s callous disregard for human life through this cost-benefit analysis, sent one heck of a message to Ford. It awarded the plaintiff $2.5 million in actual damages and $125 million in punitive damages. That’s a lot of money (especially in 1970s dollars)! Even though the punitive damages award was substantially reduced by the courts, it serves as a very good example of what juries can do when they get the feeling that big companies knowingly sacrifice the rights of individuals to save a couple of bucks.
What really impacted the jury was the fact that Ford knew the risks but consciously chose to do nothing about it because of what it would cost. Obviously, the magnitude of loss of life is far greater than the loss of privacy so the situations are different in that regard. I can’t help but think, however, that since the risks to breach of people’s privacy rights are so well known now, companies that do not take adequate steps to protect those privacy rights are running a risk of being sent the same message that Ford got — especially if it is discovered that they could have prevented it but didn’t to save a couple of bucks.
So the question is, “who’s gonna get sent that message first?” Surely not your company, right?
9/25/16 Post applying this article to Yahoo! / Verizon developing case
Global Payments Inc. April 2012 Data Breach Costs $94 MILLION!
14 thoughts on “Data Breach – Who’s Gonna Get It?”
Reblogged this on Shawn E. Tuma.
I’m not sure where I’m posting this – or maybe WHEN would be the better point – but here’s something for you to consider on how fickle the law can be. My family owned a 1973 Chevy Vega. My wife, before I met her, had a 1978 Pinto. The point? The two cars had the EXACT same rear end layout – bumper, then red-hot muffler, then unshielded gas tank. But for mere chance, it would’ve been GM on trial, not Ford. I wonder what effect that would have had on GM’s infamous “Chevymobile” suit (Chevy engines in Oldsmobiles, when people expected Olds’ “Rocket V-8s”), as well as on the rampant badge-engineering that cursed GM in the next decade. (At one point, EVERY GM branch had a version of the Cavalier, including the infamous Cadillac Cimmaron.)
See? It’s always a good thing to have a gearhead or two in your retinue.
John, I do recall a few of those cars … but, I wonder if GM had done the same “bean counting” in deciding not to protect against a known and foreseeable risk that was certain to take human life?
Well, as I said, the Vega’s rear end was identical to the Pinto, so I have my suspicions. And as to bean counters in GM, I’ll put it this way. Cadillac was known for rear-wheel drive power and world-class luxury. Then, they put forth a front-wheel drive compact – which everybody KNEW was based on an $8,000 Cavalier – and tried to pass it off as a $12,000-$14,000 luxury car. So the bean counters were alive and well. Maybe not costing lives- there was a VERY quietly added upgrade of a gas tank shield and movement of the bumper mounts on Vegas following the first Pinto reports – but definitely screwing up an industry that had been financially stable and was, if not widely acclaimed, then at least not publicly pilloried as “Government Motors” is today.
Personally, I think the Cimarron should be brought up in every business course in every college in the world. A perfect example of the old saying “penny wise, pound foolish”.
You must log in to post a comment.