Hacker News new | ask | show | jobs
by OutOfHere 306 days ago
That difference matters only to the institution. To the user, however, the risk and damage from the leak of any type of serious PII is one and the same in that it is a risk to be avoided.

In other words, the technicality you state is the difference between the user getting punched in the guts versus in the gonads. Both are to be avoided.
1 comments
yunohn 305 days ago
Sorry, but this is objectively not true. Like everything, nuance is crucial and our societal-legal system relies on it for a reason.

Leaking PII like names and phone numbers, versus KYC specific PII like ID proofs is a completely different ball game.

This argument is not about levels of harm, just your lack of understanding of nuance tbh.

link