Comment on LinkedIn fined $335 million in EU for tracking ads privacy breaches

<- View Parent
NaibofTabr@infosec.pub ⁨3⁩ ⁨weeks⁩ ago

Ah, hah, I’m glad you asked, I have thoughts on that too.

Auditing. The government (every government) should employ a team of auditors. In a case like this, the auditors will be attached to the offending company for the purpose of reviewing their operational and financial records. The auditors will be part of (inside of) the company operations for as long as it takes to untangle the details and assess the total sum of revenue gained from the illegal activity, and if that interferes with running the business well that’s too effing bad.

While the auditing is ongoing, the company will be responsible for paying the auditors’ salaries and expenses, and providing office space and whatever other resources they need. There will also be a representative of the auditors assigned to the executive board, present at all board meetings, with voting and veto privileges. Effectively, the company is on probation and under observation until their debt is paid. Any other violations discovered during the audit will result in additional prosecutions.

If the company finds this too burdensome, or if they have tried to obfuscate their records, then they can simply forfeit the revenue of the entire department/operational area in order to expedite the audit.

source
Sort:hotnewtop