Unless they knowingly and intentionally broke criminal law, that's completely over the top and unnecessary.
Fines should presumably start small and have a graduated structure to prevent the "just a business expense" approach from becoming a viable one.
The current regulatory problems are due almost entirely (IMO) to lack of active enforcement; why care what the penalty is if you know it won't happen to you regardless?
You don’t have to knowingly break the law to be criminally charged. If you’re in a position where a law might apply, you should do your due diligence or get legal counsel sign off. Selling private location data should easily cause a competent executive to think twice and confirm it’s okay.
I didn't opine on this instance wrt if legal counsel did or did not sign off. If corporate counsel signs off on criminal behavior, it should be criminally charged.
> Unless they knowingly and intentionally broke criminal law, that's completely over the top and unnecessary.
Why? If I drive drunk and a cop pulls me over, lack of knowledge is no defense. As the head of a company, why is a lack of knowledge of the goings-on of the company a defense? If you don't know the goings-on when you are in a position to, at the very least that should be categorized as criminally negligent.
This is civil law, not criminal. Maybe criminal liability s needed, but it’s just not reality.
Also: beware what you wish for. Criminal law may allow your bloodlust to be satisfied. But it’s just as likely that the higher burden of proof it requires, and various other differences such as the 5th amendment, make prosecution difficult or impossible.
Not to mention when you accidentally leave some data out there with a misconfigured server you’d maybe go to jail, but in their outrage people don’t think it could happen to them, or be used by someone with other goals.
It depends on the perspective. Imagine an FCC shopping page for businesses that says something like: "Gain ability to sell customer location data for a year: $10,000,000"
"Fine" is a euphemism for market price. If the profits outweigh the fines and the poor PR can be controlled in a timely manner, then they'll do it every time.
Then you just increase the fines. That’s so much more trivial than throwing people into an already overcrowded prison system and destroying their life.
This is technically true but the odds of a fine being levied which is high enough to register on huge companies like this is exceedingly low, especially since everyone involved in that decision could walk away from a bankruptcy and still be fabulously rich. Punishing shareholders has a lot of collateral damage but personal liability has almost none.
I think fines should act against the shareholders who let it happen! FCC forces more shares and acquires them, decreasing shareholder value, which is the gold standard of publicly traded companies.
Fines should presumably start small and have a graduated structure to prevent the "just a business expense" approach from becoming a viable one.
The current regulatory problems are due almost entirely (IMO) to lack of active enforcement; why care what the penalty is if you know it won't happen to you regardless?