[SilverRed]

Maybe the solution here is to just have some kind of legal penalty to losing user data due to incompetence. The problem here is that self taught programmers are going out to the real world and writing code that gets used to process sensitive info without any senior developer guiding them or reviewing.

If there was a penalty to the business, they would stop getting the bottom of the barrel programmer to work on their own. Yes it would make it a little harder to enter the market but any large business could still hire juniors and review their code properly.

In most other industries, you are responsible for your work. Usually you even need a formal certification first.

[toastal]

Conceptually how is this different than someone building a staircase it their house with tools, lumber, and no interest in accessibility and building codes?

[SilverRed]

This analogy still works. The staircase is not public, its in your house. Which would map to running on your local computer or local network.

As soon as you turn your house in to a public venue (put your code in use for the public) you now have to worry about accessibility and safety. If that stair case collapses because of your dodgy building, you are liable. But you are free to fall off your own staircase in your own house.

So people are free to run whatever they want on their computer. But once you start taking user data, you now have legal responsibility. User data is hazardous waste that needs ultimate care.

[908B64B197]

> In most other industries, you are responsible for your work. Usually you even need a formal certification first.

That would go against the "Everyone can Code" trend and be perceived as gatekeeping.

[sk7]

It's handled by the GDPR. Companies are forced to report a leak to the authorities and the max. penalties are very high.