Last week, Americans woke up to news of yet another mass breach of their personal data. The consumer credit reporting agency Equifax revealed that as many as 143 million Americans’ Social Security numbers, dates of birth, names and addresses may have been stolen from its files — just the kind of information that allows for identity theft and other cybercrimes.

...

There are technical factors that explain why cybersecurity is so weak, but the underlying reason is political, and it’s pretty simple: Big corporations have poured large amounts of money into our political system, helping to create a regulatory environment in which consumers shoulder more and more of the risk, and companies less and less.

...

No software system can be free from bugs (or intruders), and users must be mindful of the risks. But the inherent lack of perfect automotive safety doesn’t mean we don’t try to make cars safer. Obviously, people should drive more carefully, but seatbelts, airbags and better car design reduce injury enormously, and that has been great for the industry as well as consumers. The software industry should be no different.

Perhaps the most maddening part of the Equifax breach is that the credit-rating industry is itself unforgiving in its approach to even the smallest error. I’m still dealing with the damage to my credit rating that resulted when I forgot to return a library book and a collection agency was called in (for a paltry sum). The Equifax executives who let my data be stolen will probably suffer fewer consequences than I will for an overdue library book. Even if they do get fired, it is likely that they will be sent off with millions of dollars in severance, which is common practice for executives. (I would like to note that I am available for such punishment any time.)