I'm just going to do my monthly HN login to say, and possibly skirt ethics here because your comment truly deserves it, that this is the dumbest thing I've read on here in a long time. I can't tell if this comment is satire or being real.
What? No. If we really take privacy seriously, we might consider giving them a discount on their use of our genetic data once they have shown responsible care in handling that data -- similar to how no-claim bonuses work in insurance.
Wouldn't this incentivize insecure practices and bad practices so they can get 75k? Wouldn't that be the effect, everyone tries to do as little as possible until they get paid?
I wouldn't. If I leaked data due to an honest coding bug and someone gave me $75K with even a handshake agreement to put it towards fixing the problem I would put 100% of that money towards fixing the problem. That's my moral standard: if money comes with even a verbal agreement to put it towards a certain purpose, I either honor that purpose or don't take the money.
If they took away $75K I might be forced to lay off someone, possibly one who could have fixed the problem.
$75000 is a lot less than buying even 1 security expert. It's just the cost of doing business if you don't charge them some substantial % of their revenue for a year. Say 20% - 50%. It has to sting or there will be no change in their processes.
If you take away $75K from their engineering budget they will only do a worse job, and more data will leak.