Susan Landau writes:
For decades the theft of private individuals’ data has been treated as an annoyance. Activist state attorneys general and the Federal Trade Commission have pursued cases, but U.S. laws fail to treat theft of personal data as a serious crime in itself. The indictment detailing Russian activity during the 2016 presidential campaign shows the inadequacy of that approach. The first step of the “conspiracy to defraud the United States by impairing, defrauding, and defeating the lawful functions of the government through fraud and deceit” relied on stolen identities. Of course, not every theft of private citizens’ personal data will result in a national security threat, and few will approach the magnitude of that Russian scheme. But the indictment of Russian operatives shows how damaging the theft of personal information can be to U.S. security.
Read more on Lawfare.