The recent large-scale Optus data breach has been followed that the telco will provide short-term funding to affected consumers for credit watch services by Equifax. As I've noted in a forthcoming article Equifax itself featured in a very large-scale data breach in 2017.
'Interoperable Obscurity' by Thomas Kadri in the Journal of Free Speech Law (Forthcoming) comments
Data brokers are abuse enablers. By sharing people’s information, brokers thwart obscurity, stimulate surveillance, and ultimately facilitate interpersonal abuse. This Essay canvasses four regulatory responses to brokered abuse: prohibiting abusive acts, mandating broker transparency, limiting data collection, and restricting data disclosure. Though some of these measures have merit, none is adequate, and several recent privacy laws can even make matters worse. Put simply, the current legal landscape is neither effective nor empathetic.
Of particular concern, prevailing approaches can exacerbate victims’ trauma by forcing them to engage repeatedly with their abuse and vulnerability. Due partly to existing laws, people face a whack-a-mole task of pleading to remove their data from every single broker separately. But lawmakers could put an end to this traumatic experience through a regulatory regime of “interoperable obscurity.” In short, brokers could be compelled to design their systems to let a person obscure their information across all brokers with a single request.
Requiring brokers to support a centralized obscurity process would represent the kind of empathetic regulation needed to tackle abuse. The right to defend oneself is sacred in many cultures, but those responsible for creating both law and technology have been slow to empower people with rights and tools of self-defense fit for the digital age. Interoperable obscurity is no panacea, but it could be a start.