bureaucracybusters

Posts Tagged ‘CLASS-ACTION LAWSUITS’

CORPORATE DATA BREACHES? BLAME CEOs: PART TWO (END)

In Bureaucracy, Business, History, Law, Law Enforcement, Politics, Social commentary on August 2, 2019 at 12:43 am

On July 15, 2015, Ashley Madison joined the list of companies that failed to safeguard their customers’ most sensitive information—such as their credit card numbers, addresses, emails and phone numbers.

And Ashley Madison had more reason than most to do this—as the notorious website for cheating wives and husbands.

After all, its database is a blackmailer’s dream-come-true. Yet apparently its owners didn’t care enough about the privacy of their customers to provide adequate security.

Like so many other companies hit by hackers, Ashley Madison sought to reassure its dangerously compromised customers:

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

This statement gave new meaning to the phrase, “Closing the barn door after the cow has gotten out.”

Avid Life Media assured its customers that it had hired “one of the world’s top IT security teams” to work on the breach.

Adultery-dating website Ashley Madison hacked

So why wasn’t this “top IT security team” hired at the outset?

On August 18, 2015, the hackers began releasing their pirated information. 

Ashley Madison’s customers chose to put their private information on its computer system.

Those of Equifax, didn’t. Equifax collected this from credit card companies.

From Mid-May through July, 2017, Equifax was hacked. The breach was discovered on July 29. 

But the company didn’t announce it until September 7, 2017.

As a result, the private data of nearly 150 million people was compromised.

On July 22, 2019, the Federal Trade Commission (FTC) announced that Equifax, one of the nation’s largest credit-reporting companies, would pay up to $700 million to settle with the FTC and consumers.

If approved by the federal district court Northern District of Georgia, the settlement will provide up to $425 million in monetary relief to consumers and a $100 million civil money penalty.

According to Karl A. Racine, attorney general for Washington, D.C., it’s the largest settlement ever for a data breach. 

“Equifax failed to protect consumers’ information and failed to enact reasonable security measures under California’s data security laws,” California Attorney General Xavier Becerra said in a news conference.

“That left very important personal information exposed and allowed hackers to steal consumers’ names, Social Security numbers, their birth dates, their addresses and in some instances their driver’s license number and even credit related information.”

Related image

And for those who believe the private sector is inherently more efficient than the public one: On the week that Equifax agreed to pay $700 million for its massive 2017 data breach, Richard Smith, its disgraced former CEO, got some wonderful news: 

  • He was slated to receive as much as $19.6 million in stock bonuses since leaving the company.
  • That’s roughly 1,000 times the $20,000 maximum payout that any financially damaged consumer can collect from Equifax.
  • In addition, Equifax agreed to cover Smith’s medical bills for life, a benefit the company estimates is worth another $103,500.
  • Equifax decided he deserved a $24 million pension.
  • Smith got $50,000 in tax and financial planning services.
  • His stock bonuses cover a period that includes the former executive’s performance in 2017. 

When CBS News contacted Equifax on this development, the company refused to comment. Neither could Smith be reached.

There is a reason why these security breaches keep happening.

An October 22, 2014 “commentary” published in Forbes magazine raised the highly disturbing question: “Cybersecurity: Does Corporate America Really Care?”

And the answer is clearly: No.

Its author was John Hering, co-founder and executive director of Lookout, which bills itself as “the world leader in mobile security for consumers and enterprises alike.”

Click here: Cybersecurity: Does corporate America really care?

“One thing is clear,” wrote Hering. “CEOs need to put security on their strategic agendas alongside revenue growth and other issues given priority in boardrooms.”

Hering warned that “CEOs don’t seem to be making security a priority.” And he offered several reasons for this:

  • The sheer number of data compromises.
  • Relatively little consumer outcry.
  • Almost no impact on the companies’ standing on Wall Street.
  • Executives may consider such breaches part of the cost of doing business.

“There’s a short-term mindset and denial of convenience in board rooms,” wrote Hering.

“Top executives don’t realize their systems are vulnerable and don’t understand the risks. Sales figures and new products are top of mind; shoring up IT systems aren’t.”

There are three ways corporations can be forced to start behaving responsibly on this issue.

  1. Smart attorneys need to start filing class-action lawsuits against companies that refuse to take steps to protect their customers’ private information. There is a name for such behavior: Criminal negligence. And there are laws carrying serious penalties for it.
  2. There must be Federal legislation to ensure that multi-million-dollar fines are levied against such companies—and especially their CEOs—when such data breaches occur.
  3. The Justice Department should vigorously prosecute CEOs whose companies’ criminal negligence leads to such massive data breaches. They should be considered as accessories to crime, and, if convicted, sentenced to lengthy prison terms.

Only then will the CEO mindset of “We don’t care, we don’t have to” be replaced with: “We care, because we’ll lose our money and/or freedom if we don’t.”

CORPORATE DATA BREACHES? BLAME CEOs: PART ONE (OF TWO)

In Bureaucracy, Business, History, Law, Law Enforcement, Politics, Social commentary on August 1, 2019 at 12:08 am

Comedian Lily Tomlin rose to fame on the 1960s comedy hit, Rowan & Martin’s Laugh-In, as Ernestine, the rude, sarcastic switchboard operator for Ma Bell.

She would tap into customers’ calls, interrupt them, make snide remarks about their personal lives. And her victims included celebrities as much as run-of-the-mill customers.

Lily Tomlin as Ernestine

She introduced herself as working for “the phone company, serving everyone from presidents and kings to the scum of the earth.”

But perhaps the line for which her character is best remembered was: “We don’t care. We don’t have to. We’re the phone company.”

Watching Ernestine on Laugh-In was a blast for millions of TV viewers. But facing such corporate arrogance in real-life is no laughing matter.

Clearly, too many companies take the same attitude as Ernestine: “We don’t care. We don’t have to.”

This is especially true for companies that are supposed to safeguard their customers’ most sensitive information—such as their credit card numbers, addresses, emails and phone numbers.

Among those companies hacked:

  • Kmart
  • Staples
  • Dairy Queen
  • Target
  • Sony Pictures 
  • Primera Blue Cross
  • Home Depot
  • JPMorgan/Chase

In 2015, they were joined by health insurance giant Anthem Inc. The company announced that hackers had breached its computer system and accessed the medical records of tens of millions of its customers and employees.

Anthem, the nation’s second-largest health insurer, said the infiltrated database held records on up to 80 million people.

Among the customers’ information accessed:

  • Names
  • Birthdates
  • Social Security numbers
  • Member ID numbers
  • Addresses
  • Phone numbers
  • Email addresses 
  • Employment information

Some of the customer data may have included details on their income.

Click here: Anthem hack exposes data on 80 million; experts warn of identity theft – LA Times

Bad as that news was, worse was to come.

A February 5, 2015 story by the Wall Street Journal revealed that Anthem stored the Social Security numbers of 80 million customers without encrypting them.

The company believed that hackers used a stolen employee password to access the database

Anthem’s alleged reason for refusing to encrypt such sensitive data: Doing so would have made it harder for the company’s employees to track health care trends or share data with state and Federal health providers.

Anthem spokeswoman Kristin Binns blamed the data breach on employers and government agencies who “require us to maintain a member’s Social Security number in our systems so that their systems can uniquely identify their members.”

She said that Anthem encrypted personal data when it moves in or out of its database–-but not where it is stored.

This is a commonplace practice in the healthcare industry.

The FBI launched an investigation into the hack.

According to an anonymous source, the hackers used malware that has been used almost exclusively by Chinese cyberspies.

Naturally, China denied any wrongdoing.

Chinese Foreign Ministry spokesman Hong Lei said: “We maintain a cooperative, open and secure cyberspace, and we hope that countries around the world will make concerted efforts to that end.”

He also said that the charge that the hackers were Chinese was “groundless.”  

On July 15, 2015, Ashley Madison—the notorious website for cheating wives and husbands—joined this list.

Launched in 2001, its catchy slogan is: “Life is short.  Have an affair.”

One of its ads featured a photo of a woman apparently kneeling at the feet of a bare-chested man, her hand passionately clawing at his belt. Next to her was the caption: “Join FREE & change your life today. Guaranteed!”

Related image

Millions of its clients suddenly found their lives changed in ways they never imagined—for the worse.

Ashley Madison claimed to have more than 37 million members.  

Its hackers were enraged at the company’s refusal to fully delete users’ profiles unless it received a $19 fee.

Referring to themselves as “The Impact Team,” they stated in an online manifesto: “Full Delete netted [Avid Life Media, the parent company of Ashley Madison] $1.7 million in revenue in 2014. It’s also a complete lie.

“Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

On July 20, 2015, Avid Life Media defended the service, and promised to make it free.

The hackers demanded: “AM [Ashley Madison] AND EM [Established Men] MUST SHUT DOWN IMMEDIATELY PERMANENTLY.

“We have taken over all systems in your entire office and production domains, all customer information databases, source code repositories, financial records, emails.

“Shutting down AM and EM will cost you, but non-compliance will cost you more.”

The hackers threatened to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”

Avid Life Media assured its customers that it had hired “one of the world’s top IT security teams” to work on the breach:

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

So why didn’t the company hire “one of the world’s top IT security teams” before the hack?

TAKING ON KGB AIRWAYS: PART EIGHT (END)

In Bureaucracy, Business, History, Law, Law Enforcement, Politics, Self-Help, Social commentary on April 20, 2017 at 12:08 am

Even if you feel you have an airtight case against an airline and want to sue, remember this: The vast majority of cases–civil and criminal–are settled outside of court.

In civil cases especially, judges strongly urge both sides to reach a compromise rather than duke it out in court. And both sides are usually willing to do this, since there’s no telling how a jury might rule.

Finally, there’s the option of filing a class-action lawsuit.

Related image

The Lady Justice

A plus to this is that you’re not alone in your charge against the airline.  Other passengers who have been similarly wronged are seeking damages, and so the spotlight is not on any one plaintiff.

A minus is that such cases are extremely complex and must be handled by experienced attorneys.  Typically, federal courts are thought to be more favorable for defendants, and state courts more favorable for plaintiffs. Many class actions are filed initially in state court. The defendant will frequently try to remove the case to federal court.

Another minus: If your side prevails, the amount of money each plaintiff receives will be far smaller than if the award were to be divided between a single plaintiff and his attorney(s).

Finally, even if you win, you can be certain the airline will appeal the verdict. Such appeals can go on for literally years.

But the most far-reaching reforms can emerge only through Congress. And this can happen only if Americans demand that their representatives create passenger rights through long-overdue legislation.

Image result for Images of United States Capitol

United States Capitol Building

Protections are especially needed when a single airline official–such as a steward–kicks a passenger off an airplane for reasons that have nothing to do with security.

Examples:

  • Two women kissing;
  • A steward demanding whether a woman is wearing underwear;
  • Another steward taking offense at a passenger’s request for help.

During the administration of President George H.W. Bush, Congress overrode only one of his 44 vetoes. In that case, Congress put a cap on the rates cable TV companies could charge.

They did so because their constituents made clear their rage about high-priced cable fees.

Members of the Senate and House of Representatives will respond to constituent demands–if voters:

  1. Make their specific demands known; and
  2. Bluntly warn: “Support this–or look for another job.”

Only such sustained action will counter the legalized bribes (known as “campaign contributions) the airlines offer to members of Congress.      

There is new reason to hope that long-overdue reforms may be coming.  

On April 9, police dragged Dr. David Dao, bloodied and screaming, off his United Airlines flight at Chicago O’Hare Airport.

His crime?  Refusing to give up his seat for a commuting crew member.

He suffered a broken nose, the loss of two front teeth and a concussion.

Dao’s mistreatment was captured on cellphone video taken by several passengers. Posted on Youtube and on national newscasts, it sparked a massive outcry.

To the horror of company officials, United Continental Holdings stock quickly lost an estimated $255 million to $1 billion. Many passengers cut up their United-Chase credit cards and frequent flyer member cards. Others swore to never again fly United.

New Jersey Gov. Chris Christie called for a suspension to the widespread practice of overbooking: 

“To have somebody pay for a ticket, reserve a seat, be seated and then dragged off the plane physically by law enforcement officers at the direction of United–it’s outrageous,” Christie told CNN’s “New Day.”

Yet Dao has plenty of company. In 2016, more than 475,000 passengers who were bumped off American domestic flights–usually due to overbooking.

It’s standard practice for airlines to sell more tickets than there are seats. “Airlines overbook because people don’t show up for flights and they don’t want to go with empty seats,” said George Hobica, founder of Airfarewatchdog.com.  

When a flight is overbooked, federal Department of Transportation (DOT) rules require an airline to first ask passengers to voluntarily give up their seats. Airlines can choose the amount or type of compensation.  It’s usually a gift card or travel voucher for another flight.

If you are kicked off a flight due to overbooking, you can sue for more money if you believe the compensation offered wasn’t sufficient. If you intend to sue, don’t accept any flight vouchers or cash offered by the airline.

And what gives airlines the right to virtually operate as KGB agents? Consumer advocate Ralph Nader puts it thus:

“Because the contract of carriage, which is on the [United] website, is 67,000 words long and fine print, and it takes away the rights to be assured that when you have a confirmed reservation and you’re in the seat, you can stay in the seat—total unbridled discretion by the airline to throw you off the plane.”  

And every other airline has a similar “contract of carriage.” These are written by airline lawyers and are entirely biased toward airlines–not customers.

Above all, remember: Airlines are run by corporations. Their foremost concern is not your comfort or even safety as a passenger. It’s with further enriching their overpaid key executives.

You must be willing to stand up for your own rights–because the CEOs running KGB Airways don’t care about them.

KGB AIRWAYS – PART EIGHT (END)

In Bureaucracy, Business, Self-Help, Social commentary on June 20, 2012 at 12:01 am

So you’ve decided to sue the airline you believe wronged you.

One option is to do so in small claims court.

A plus is you don’t need an attorney. In fact, you’re barred from bringing in an attorney. You represent yourself, which means you don’t have to pay an attorney–either up-front or at the end of the case.

Another plus: It will cost you far less to represent yourself than it will cost the airline to send a representative. If you file in California and the airline is headquartered in New York, it will be expensive for them to send a rep to attend the proceedings. If the airline fails to send someone as its representative–which is highly unlikely–it loses by default.

A minus is that you may not be the confrontational type.  You may also feel intimidated by the legal process–and afraid of looking like an idiot if you lose.

Another minus is that each state sets a different amount you can win in damages.  To learn about the rules applying to small claims courts in your state, consult the following link: Click here: 50 State Overview of Small Claims Rules | Nolo.com.

A second option is to take your case to civil court.

A plus is that the dollar-amount you can obtain at this level is far higher than in small-claims court.

A minus is that you’ll definitely want to retain an attorney.

True, you can legally represent yourself.  But aviation law is complex.  The airline will definitely have an attorney, so if you don’t, you’re bringing a knife to a gunfight.

If you can find an attorney willing to represent you on a contingency fee basis, you don’t have to pay him unless you win.  His fee will then come out of your settlement amount.

Another minus: If you can’t find an attorney willing to take your case on this basis, you’ll have to pay him by the hour, after first putting up a retainer fee, which can be quite large.

A third minus is that the courts are clogged with cases, and it can take months or even years before yours will be heard.

And remember: The vast majority of cases–civil and criminal–are settled outside of court.  In civil cases especially, judges strongly urge both sides to reach a compromise rather than duke it out in court.

And both sides are usually willing to do this, since there’s no telling how a jury might rule.

Finally, there’s the option of filing a class-action lawsuit.

A plus to this is that you’re not alone in your charge against the airline.  Other passengers who have been similarly wronged are seeking damages, and so the spotlight is not on any one plaintiff.

A minus is that such cases are extremely complex and must be handled by experienced attorneys.  Typically, federal courts are thought to be more favorable for defendants, and state courts more favorable for plaintiffs. Many class actions are filed initially in state court. The defendant will frequently try to remove the case to federal court.

Another minus: If your side prevails, the amount of money each plaintiff receives will be far smaller than if the award were to be divided between a single plaintiff and his attorney(s).

Finally, even if you win, you can be certain the airline will appeal the verdict.  Such appeals can go on for literally years.

On a more far-reaching basis, you can demand that your Congressional representatives support passenger rights through legislation.

Protections are especially needed when a single airline official–such as a steward–kicks a passenger off an airplane for reasons that have nothing to do with security.

(Examples:

  • Two women kissing;
  • a steward demanding whether a woman is wearing underwear;
  • another steward taking offense at a passenger’s request for help.)

During the administration of President George H.W. Bush, Congress overrode only one of his 44 vetoes.  In that case, Congress put a cap on the rates cable TV companies could charge.

They did so because their constituents had made clear their rage about high-priced fees.

Members of the Senate and House of Representatives will respond to constituent demands:

  1. If enough voters make their specific demands known; and
  2. If those voters make clear that ignoring their demands will guarantee defeat at the next election.

There are consumer rights organizations now pressing for vitally-needed passenger protections.  These organizations need support–both in terms of members and money.

Only then can they counter the legalized bribes (known as “campaign contributions) the airlines offer to members of Congress.

An example is Flyers Rights, which can be reached at: FlyersRights.ORG – Largest Non-Profit Airline Consumer Organization.

Above all, remember: Airlines are run by corporations.

Their foremost concern is not your comfort or even safety as a passenger.  It’s with further enriching their key executives.

You must be willing to stand up for your own rights–because the airline couldn’t care less about them.

%d bloggers like this: