There already is massive fraud. It is just committed by huge corporations that use their size and money to shield themselves from accountability. Which is the better scenario? The current one where companies, that are already proven to have negligently allowed someone’s data to be leaked, drag out and exhaust legitimate claimants against them, allowing them to profit off their negligent activities and leave countless regular people as victims with little to no compensation. Or one where legitimate claimants are able to quickly get compensation, but also claimants that were victims of a company’s negligence, but their identity theft did not come directly from that negligence.
The “fraud” you imagine would require both that a company is negligent with someone’s data, exposing them to the risk of identity theft, and that the same person is the victim of identity theft in a totally unrelated way or unrelated reason. That isn’t guilty until proven innocent, because it is proven that the company was negligent and did allow data to be leaked. If it makes you feel better, we could just fine them $10,000 for each person’s data that was leaked right off the bat, and then hold that for all future claims where those people end up having their identity stolen.
The “fraud” you imagine would require both that a company is negligent with someone’s data, exposing them to the risk of identity theft, and that the same person is the victim of identity theft in a totally unrelated way or unrelated reason. That isn’t guilty until proven innocent, because it is proven that the company was negligent and did allow data to be leaked. If it makes you feel better, we could just fine them $10,000 for each person’s data that was leaked right off the bat, and then hold that for all future claims where those people end up having their identity stolen.