But does the threat of making huge payments in class-action lawsuits actually change any processes? All of the security improvements implemented by Target after the breach were put in place long before the legal settlement. Target reportedly had already incurred $191 million in costs, mostly spent on lawyers. The $10 million supposedly going to the affected consumers was inconsequential, as was the additional $6.75 million earmarked for the lawyers. It's hard to see how the class-action lawsuit had anything to do with any changes in the processes used by Target.
The potential for damage that resulted from the OPM breach is so large that many of us would probably be happy to see that organization called to account and told to pay up a lot of money. But we have to leaven that satisfaction with the realization that most of the money will be going to attorney Gary Mason and his firm, Whitfield, Bryson & Mason. There is also the possibility that a good portion of the money will go to the American Federation of Government Employees (AFGE), a union naming itself as a plaintiff in the class-action case filed by Mason. Watch carefully how much money this group gets for the compromise of your information. As for you the consumer, if you were a victim of the OPM breach, you will get nothing unless you can show damages. And if China was indeed the source of this compromise, as has been reported, you probably won't suffer tangible damages. At best, you can file to receive a piece of the negotiated settlement not allocated to damages. This will likely amount to less than $1.
Finally, keep in mind that any settlement paid by OPM, an agency of the federal government, will ultimately be paid by us, the taxpayers. So if there is a settlement, the net result is that we the people will have basically paid Gary Mason millions of dollars.
Keep smiling. Gary Mason sure is.
Sign up for Computerworld eNewsletters.