Bank of America breaches
Adam over at Emergent Chaos (the Jazz Edition), has a good piece on recent breaches and the attention both in the media and with law enforcement that this has received.
I have left comments there, but essentially, I agree with Adam. I think that it is difficult to protect a customer's interests in this setting. While it may seem impersonal, my view originates in captitalism and the simple notion that profitability of a corporate entity has not been affected by these types of breaches in a widespread manner. That is not to say that there have not been incidents that have caused corporate failure, but rather that this issue is just one of many that a management team must face when operating a company.
I wrote (in his comments):
4. In the absence of any penalty to shareholder value, the management team and their reputations and ability to run a profitable bank will view other issues above these.
and
I think that the above issues have damaging consequences for any firm as they make it difficult to identify security problems that have long-term and durable impact on profitability. While the beginning effects appear negligible on the bottom line (or top line revenue, for that matter), the ability to identify and address these issues will require that more firms fail through their share prices as opposed to pressures from the security community and regulatory agencies. And NO, I'm not stating that there isn't net impact by the security community, but rather stating that the security community represents a leading indicator of the "opportunity for lost revenue and earnings". Like many leading and lagging indicators, the value of the indicator is only useful if it provides a pertinent horizon for profit.
Adam's response to my comments is forthcoming, but I think his original piece is worth a read. Good coverage of difficult topics over there, as always.
Updated to add: Adam's follow up, "On Disclosure" is here.