The fact that the state of security or privacy is already bad is no reason to make it worse. Sure, "that ship" might have sailed a long time ago but that's no reason to send the rest of the fleet after it.
At one point, "the ship" of every tide that humanity has turned "had sailed". For example, there was a time when virtually every potent means of human transportation ran on heavily-polluting fuel -- and while we're by no means back to stone-age levels of environmental friendliness, we're still better off than in the 1960s.
> Do any businesses exist that you can apply this guarantee to?
No, but that's also why there is no company that I trust with a significant portion of my data over an indefinite period of time, nor with any data that I'm not comfortable sharing. (In fact, I don't trust any company that doesn't have a good retention policy -- thankfully, the GDPR makes it a little easier to filter those out now).
The value of data increases exponentially with its amount. For example, mounting a convincing ID theft based on passwords to my LinkedIn account and the local computer shop is difficult, but doable, with the right skills and the right motivation, and for reasonably simple things (e.g. impersonating me to get interesting, but not particularly sensitive data from a former colleague who still works at a former workplace). Mounting an ID theft based on all the data that Google or Microsoft store about a person is a whole different story.
Well, I'm saying that you're already trapped in the thing you're trying to avoid. I am too, everyone is. I'm not saying things will always stay the same or that we shouldn't do anything - I mentioned that we need more regulation. I'm just acknowledging that we have only a notional amount of control over our data. The data is distributed over such a large surface area and each node on that graph has a weakness to it. A large node like Google or MS will be a tough nut to crack, but a few small nodes (e.g. 150 million SSNs and other personal info from Transunion) will be far easier.
>The value of data increases exponentially with its amount. For example, mounting a convincing ID theft based on passwords to my LinkedIn account and the local computer shop is difficult, but doable, with the right skills and the right motivation, and for reasonably simple things (e.g. impersonating me to get interesting, but not particularly sensitive data from a former colleague who still works at a former workplace). Mounting an ID theft based on all the data that Google or Microsoft store about a person is a whole different story.
Right, so they would just hack Transunion and directly get SSNs and other personal info on 150 million people. Of course practically speaking, there are no 150 million "new" people who are just waiting to assume the identity of someone else.
Also as an aside if you were given the documents folders of 150 million people, you'd need a massive amount of storage space and compute power to run indexing, de-duplication and other automated tasks on all the various document formats before you can even begin mining any data from it. Though I'm sure the cost of that will come down over the next decade...
At one point, "the ship" of every tide that humanity has turned "had sailed". For example, there was a time when virtually every potent means of human transportation ran on heavily-polluting fuel -- and while we're by no means back to stone-age levels of environmental friendliness, we're still better off than in the 1960s.
> Do any businesses exist that you can apply this guarantee to?
No, but that's also why there is no company that I trust with a significant portion of my data over an indefinite period of time, nor with any data that I'm not comfortable sharing. (In fact, I don't trust any company that doesn't have a good retention policy -- thankfully, the GDPR makes it a little easier to filter those out now).
The value of data increases exponentially with its amount. For example, mounting a convincing ID theft based on passwords to my LinkedIn account and the local computer shop is difficult, but doable, with the right skills and the right motivation, and for reasonably simple things (e.g. impersonating me to get interesting, but not particularly sensitive data from a former colleague who still works at a former workplace). Mounting an ID theft based on all the data that Google or Microsoft store about a person is a whole different story.