[wmf]

For government IT in particular, the cost of security is basically infinite because they aren't organizationally mature enough to do anything right. There's no way to make the cost of being hacked infinite; no court or legislature is going to order the DMV to be disbanded.

[dragonwriter]

> There's no way to make the cost of being hacked infinite; no court or legislature is going to order the DMV to be disbanded

Disbanding the DMV doesn’t make the cost to any actor infinite (“DMV” is an abstraction, and state agencies are routinely created amd destroyed, sometimes as political damage control due to IT scandals [0], but that’s not an infinite cost on anyone.)

[0] e.g., the California Department of Information Technology in 2002: https://www.google.com/amp/s/www.computerworld.com/article/2...

[AnthonyMouse]

In 1995 the California State Police were disbanded and their role was given to the California Highway Patrol.

The part of the DMV that performs driver testing isn't the part that loses all your data. It wouldn't be impossible to disband their IT department and give the role to some other government agency.

They could also just, you know, stop collecting it. Print your height and hair color etc. on your driver's license and don't store it anywhere else. Instead store a hash of it at the DMV with the salt stored on the license itself, so you can revalidate the license without being able to reconstitute it.