JP Morgan fails to avoid a record data breach but will it evade accountability?

JP Morgan Chase, one of Wall Street’s most powerful banks, has just suffered a massive data breach affecting more than 70 million consumers, The New York Times reported yesterday. The Times reports that the attacks, which JP Morgan initially believed to affect only 1 million customers, occurred over several weeks this summer. According to the article:

As the severity of the intrusion — which began in June but was not discovered until July — became more clear in recent days, bank executives scrambled for the second time in three months to contain the fallout and to reassure skittish customers that no money had been taken and that their financial information remained secure.

Unfortunately, for JP Morgan’s customers, the bank has attempted to immunize itself from being held accountable in court by burying forced arbitration clauses in the fine print of its customer contracts.

JP Morgan is one a several banks that uses forced arbitration against consumers -- which means that when victims of Wall Street’s fraud, theft, or negligent security attempt to make it answer in court, they can be kicked out and sent to a private arbitration forum designed by Wall Street’s corporate defense lawyers. The arbitration provider is chosen by the bank and the arbitrator who decides the case is not even required to follow the law. Despite this, the arbitrator's decision is almost possible to appeal.

Most customers have no idea they have surrendered their legal rights simply by doing business with the bank. But without the pressure of accountability, banks like JP Morgan have little incentive to keep customers' data -- or their money -- safe from thieves.