[foepys]

GDPR requires a full disclosure of which data and users are affected and when it happened, which I think is fair for the average user.

[AYBABTME]

But that's like a bridge collapsing and only having to produce a list of who got injured and what their injuries were.

[true_religion]

Bridges tend to be owned by the government which in democratic counties gives an accounting to the public.

Private bridges, have owners who give an accounting to no one when they collapse. At best, if you have standing you can sue them and they will defend themselves by giving an accounting for why it’s not their fault or they did their best.

[pedro2]

Those things need to be supervisioned. FlyTAP has gotten their entire rewards DB (if not all their DB) hacked and if it were not for IHBP I would never know because the company never told me. As far as I know FlyTAP never got a fine for ignoring its obligations.

GDPR is a good idea but there must be supervision for it being applied as defined.