by throwawaymath 2915 days ago
I actually agree with the parent's perspective. As I see it, there are three potential states for sensitive data:

1. Secured and private. This is data not exposed in any breach.

2. Unsecured and private. This is data which has been exposed in a breach, and which must be sought out by the reasonably tech savvy.

3. Unsecured and public. This is data which has been exposed and can be easily used by anyone.

We want all sensitive personal data to be in state 1. But because of the taboo of state 3, we end up in a situation where we're hostage to state 2, because everyone wants to treat published sensitive data as if it were still private. That takes power away from the non-tech savvy victims of breaches but doesn't diminish the power of tech-savvy criminals who want to use the data.

In my opinion, forcing all sensitive data to be considered either secure or insecure (instead of the weird, quasi-private state 2) would take power away from people who want to use it. Every time a new breach happens there is a race to use it before it's not useful anymore. I believe we could meaningfully defang these breaches by completely leaning in and demonstrating how public the data is. If there were a party truly committed to that and they couldn't be stopped, my hypothesis is that things would actually change.


I think this should be called the 'haveibeenpwned' philosophy or the 'Troy Hunt paradigm'.
No, because Troy Hunt and HIBP will not allow you to search the contents of the breaches. He is explicitly against this philosophy.