I am definitely not arguing users should not be responsible for what they do. My point is that companies (especially billion dollar companies) can, and should be (more) secure by default.
I am also making the observation that this does not seem to get fixed by itself, rather it seems it needs regulation, which includes GDPR.
I am also making the observation that this does not seem to get fixed by itself, rather it seems it needs regulation, which includes GDPR.