[dspillett]

> zero desire to keep any copy of work code or other data on any personal device

Same. I won't even have Teams or Authenticator on my phone unlike most others here (though wrt Teams, that is at least as much about not wanting work to bother me as it is about the danger of data seepage). I need the authenticator to do the job, but I have an old factory-reset phone that has that (and, just in case, Teams) on it.

> But when I was younger? I could totally imagine getting a big juicy dataset like that and wanting a copy for myself.

I'm pretty sure I never would have done. I've always resisted knowing credentials and personal information that aren't mine (so if anything untoward happens with/using that information there is no way it can be my fault/doing, as well as the less selfish reasons) despite people falling over themselves to do things like tell me their passwords & such when they were wanting some for of tech support.

But I think there is a different attitude to data risk in that age group today. They've grown up in a world where very little is really private, and every app and its dog has wanted their contact details and other information (and all too often information about their friends & family), do the idea that data is a free-for-all is dangerously normalised in their heads.

I find older people are similarly very lax with their own data, in fact often being rather too trusting of others generally, but not so much with other peoples. There are a lot more people who are appropriately careful (or even paranoid) in their 30s/40s/50s (I'm late 40s myself) - I think we are lucky to be in the middle, being exposed to information dangers enough to not have that “naivety or age” and not desensitised by having lax information security pushed at us from an early age.

[enoint]

Check out FreeOTP if you want an alternative to Google Autheticator.

[dspillett]

This is MS's authenticator, integrated with all our Azure gubbins, not something I get a choice about.

[GJim]

> But I think there is a different attitude to data risk in that age group today. They've grown up in a world where very little is really private, and every app and its dog has wanted their contact details and other information

Counterpoint from a UK/EU perspective.....

Anybody new being onboarded is given (company compulsory) GDPR training if their role involves any handling or processing of personal data whatsoever. Data security and privacy is being treated quite seriously here; though unfortunately not seriously enough IMO.

[dspillett]

Counterpoint also from a UK perspective: unfortunately a lot of people give no more than lip service to that training, and there are a great many people who have been in that sort of role who have avoided taking part in it at all. It sometimes worries me how seriously some people don't take the matter, and how many see that sort of regulation as pointless “innovation” preventing inconvenience. Heck, I know one fool who gave “the overreach manifest in GDPR” as one of his reasons for voting for brexit.

My DayJob company, and most of the people working here, do have the right attitude, as do most of our clients (if only because of the potential punishments, both in terms of fines and a slapping from the court of public opinion, if something done wrong has signifiant repercussions), but I do worry about how many people and companies seem to not care at all.

[GJim]

To be fair, it is apparent the tide is turning and awareness of data privacy is growing; even if this is unfortunately due to the increasing damage data breaches are causing.