[AnthonyMouse]

> The other way is that companies should feel about equal pain relative to their sizes. Otherwise, big companies are able to gain an unfair advantage by just ignoring laws for which they can afford the fines.

Which doesn't make any sense and just gives them the incentive to play the same games they do in avoiding taxes.

The first reason it doesn't make sense is that the penalty should have some relation to the damages. If you cause $500 damage to someone else without their consent, screw you. But if the fine for that is $5000 per victim, it's a deterrent no matter how big you are, because $5000 is more than $500 (and provides a fair margin for the probability of not getting caught), and if the company is getting more than $500 in value from doing it then it could have just offered to pay the victim $501 to consent to allowing it, which implies that they're not.

Meanwhile if you don't think large corporations can move numbers around on a spreadsheet to minimize what they owe, you haven't been paying attention. And we sure as heck don't need a system where Equifax gets to put its risky business in one entity that has inconsequential revenues and then suffer a $10 total fine when it screws up this bad because whatever penalty percentage of almost nothing rounds to zero.

[jakelazaroff]

Say companies A and B each cause $500 in damages. Company A makes $600 from that act, while Company B makes $6,000. A fine of $5,000 is way over the top for Company A, but Company B can just write it off as the cost of doing business.

As I've said elsewhere, I'm not advocating one particular method of coming up with this number. I'm just saying that the fine should depend on the company, not be a flat number based on damages caused.

[paulddraper]

If the cost of damages (including a punitive 2x or whatever) is really and truly $500, and Company B is willing to make their victims whole at that cost...I'm 100% sure there's a problem that needs solving.