[christophclarke]

On the other hand, however, the outcomes of a breach are vastly different. An individual who fails to secure their information is liable for only their information. If a "big-tech" is compromised, they are liable for everyone's information.

If users are still unwilling to run their own infra, then that seems like a great opportunity for Identity as a Service. I'd feel much more comfortable handing identity to a firm whose entire business model revolves around securing my information and protecting my privacy rather than a big-tech.

[tudorconstantin]

"I'd feel much more comfortable handing identity to a firm whose entire business model revolves around securing my information and protecting my privacy rather than a big-tech." - in order for that company to be rock solid, trusted by most of the world and with a proven track record of top notch security, would mean that the said company is a big-tech.

I would call okta, auth0 and iWelcome big-tech already, even if they're not FAANG-level big tech yet.