> Yes. I'm not skeptical that fax is safer than email. I'm skeptical that it's safe.
Nothing is 100% safe. It is just a matter of being safer than the effort the attacker is willing to spend gaining hold of the data (or that it will take so long that the data is no longer worth having).
The context is that companies that continue to push fax could, and should, do something better. The manufacturers I mentioned, for example, could implement paypal or stripe payments with very little effort. Aside from security issues (fax to email gateways, cc info sitting on a shared fax machine for everyone to see), it would reduce costs.
Does it matter? The point is that fax isn't inherently a great idea for confidential info.
There's also the issue that many fax endpoints that are fax to email gateways. Or fax to non https website gateways.
Edit: Nobody is arguing for using email instead of fax. The argument is to use something better. Like paypal or stripe instead of full cc info + cvv2 on a piece of paper.
When it comes to liability for breaches of confidentiality, yes, it matters very much whether the sender chose an poor channel or the recipient had choose poor practices around what was done with information once it was received.
I see all sorts of things I shouldn't see when searching the pile of papers on the fax machine at a large company for my fax.