by kragen 2543 days ago
The benefit to the nefarious buyer is not the same as the damage to the hotel guest. In fact, there's no reason to even expect them to be similar in value. And the relevant measure of central tendency is the mean, not the median, since we're looking at the sum of all the damages from all the records being copied. Keeping one gay Egyptian dude from getting outed and killed justifies protecting hundreds or thousands of boring middle-class vacationers from Ohio.

The personal, quantifiable damage to me of every one of my guest records in my past five years getting stolen by some shadowy cabal is zero. That's because I haven't done anything particularly interesting. Neither have most people. If you're ready to wire me a few hundred dollars, I'll be happy to share records of my and my wife's stays with you. It'll be a waste of your money, but who am I to judge?

A few people have done some very interesting things. For them, those numbers are substantially higher than zero.

You haven't disproven my point. The quantifiable, median damage is zero. This is relevant, because this sub-thread tries to quantify the harm by taking the fine, divides it by the number of records, produces $3, and posits that the leak has done more than that amount of harm. Because, obviously, if any harm comes, the harm is over three dollars.

Well, yes. It is. If you can measure the harm, of course it's more than three dollars.

For most people, though, the harm is immeasurable. Pointing out that the median harm is zero exposes the absurdity of the original argument.

So you're saying that, because the median damage is zero, the mean could be arbitrarily small, and in particular might be less than US$3? That's probably true, but your original argument about the purchase price of the data doesn't help to support that.

There's also a problem we haven't brought up in this thread, which is that the main damage from privacy invasion is not to people individually, but to human society as a whole. Increasing the price of doing anything particularly interesting can condemn an entire society to domination by mediocrity.

> So you're saying that, because the median damage is zero, the mean could be arbitrarily small, and in particular might be less than US$3?

I'm saying we have no idea, and we're not going to get there by doing arithmetic. But, if you ask me, I do believe (based on nothing more than a worthless napkin calculation) that it's more likely to be between $0.3 and $3 than it is to be between $3 and $30. Remember, the recipient of this data is incredibly unlikely to cause maximum possible worst-case damage to even the interesting people on the list. Most likely, they just want to steal credit card numbers.

> There's also a problem we haven't brought up in this thread, which is that the main damage from privacy invasion is not to people individually, but to human society as a whole. Increasing the price of doing anything particularly interesting can condemn an entire society to domination by mediocrity.

The nice thing about the GDPR is that even if it doesn't address the damage of a particular leak, it's a swift kick in the ass of the IT departments of other companies, who are really keen to not end up on the receiving end of the next fine.

These are reasonable points, although my intuition is that your guess about the total damages is low.