So what can the Estonian defense minister teach you about avoiding identity theft? After suffering a massive internet attack that disrupted its nation’s entire internet service, former Soviet block country Estonia recently suggested a draconian remedy that other security experts having been whispering quietly about for years – make users liable for security breaches caused by their carelessness.

Might seem a little extreme, but you can bet that now the cat’s out, more security experts and employers will start talking more openly about the whole idea of punishing users and employees who don’t show due care and attention when surfing.

Personally I think it’s a good idea, at least in principle. There are still plenty of users who don’t care about security, do nothing to minimize the risks they create for others, and don’t think they bear any responsibility for the losses they cause.

Free education hasn’t helped much. Neither have constant media exposure and free security tools. So maybe it’s time to raise the stakes a little. Get the public’s attention. Let users know that if they continue to mess up then they’ll have to pay up. We know that everyone, including users, shares the blame for the rise in cybercrime and identity theft. So why should users get a free pass?