Should executives be held responsible for data breaches?

Table of Contents

Share at:

On 27 September, it was announced by the Board of Equifax that CEO Richard Smith amongst other executives had stepped down from their roles following the disclosure of a hacking scandal. It was alleged that the perpetrators gained unauthorised access to sensitive personal data held by Equifax, including social security numbers, birth dates and home addresses. Over 143 million Americans were exposed – nearly half the country’s population.

It was alleged that the hack was possible because Equifax failed to act on warnings to fix a software security problem.

Law Reform: Should executives be held accountable?

The story has been attracting attention for a reason other than just the privacy breach. Those who were responsible face the prospect of walking free. Smith would be able to enjoy his retirement that includes a large pension and other executives would have the benefit of keeping the profit from the sale of stock that they transacted before publicly announcing the breach.

The policy question remains: is it fair for executives to walk free in the face of damage done to millions of Americans?

This was the subject of intense debate in the US Congressional Hearing in Washington which Smith attended on 3 October 2017. Many were of the view that it was not justified that executives not only avoid the repercussions but were able to leave with all the benefits. Sen. Elizabeth Warren pushed for legislative reform that penalises executives and companies that fail to take reasonable measures for cyber safety and that result in public harm.

On the other hand, Smith maintained that punitive measures are not ideal given that the company plays a ‘vital role in the economy.’

Final Thoughts

Whilst the Equifax hacking incident is primarily focused on accountability of fault-bearing executives, another message is clear. In today’s technologically advanced society, hackers are finding more and more ways to access private information. Therefore, especially for data-holding companies, this calls for more advanced countermeasures as well as tech-savvy personnel to reduce the risk of such occurrences taking place.

Let us know your thoughts on the Equifax scandal as well as the frailty of privacy by tagging us #lawpath or @lawpath

Share at:

Simplify creating legal documents today

Browse through Lawpath's AI tools which can be used to draft, review and refine legal documents today!

Related Articles

What Is An Employment Separation Certificate?

If you want to apply for unemployment benefits, you may need an Employment Separation Certificate. This article explains what they are.

OHS vs WHS: What’s The Difference?

Is there a difference between OHS vs WHS? Read this article to find out the difference and what these terms mean.

How to Transfer a Trademark: Trademark Assignment

Trademark owners may transfer the rights to use their trademark through licensing or full assignment. Find out more in this article.

Understanding Late Payment of Superannuation: A Guide for Employers

Understand your obligations for late superannuation payments. Learn about SGC statements, ATO requirements, penalties, and upcoming Payday Super rules.

Unlocking Small Business Superannuation Tax Deduction Strategies for 2026

Maximise your small business superannuation tax deduction in 2026. Learn how to claim contributions, manage SG compliance, and prepare for Payday Super.

Resigning During Probation: How Much Notice? (2026 Update)

Resigning during probation in Australia? Find out your legal notice period obligations for full-time, part-time, and casual employees to avoid pay issues.