
If customers do not care enough to stop using the product then there is no harm. Put in another way: the people you are trying to protect don't want your protection, because they don't care enough about the breach to stop using the product.

They shouldn't be learning about the breaches from the company that has been breached because that gives the company too much power. Instead we should empower watchdog organizations to be our source of news for data breaches.



> If customers do not care enough to stop using the product then there is no harm.

Facebook users (notably not customers) are the ones being harmed here, and they don't exactly have free rein to choose the platform their communities talk and organize on. If I choose not to use Facebook then I'm isolating myself from my community.


Relying on one irresponsible for-profit organization for your communications is a disaster waiting to happen. By using that service, you enable them to continue. It takes two to tango.


Yes, so people would use Insta. Then it gets bought by Facebook. Then WhatsApp, also bought by Facebook. Etc. Everywhere you run, Facebook and friends are waiting with a warm, privacy-suffocating hug.

What the hell are the FTC and DOJ doing allowing these obvious anti-competitive mergers and acquisitions? How is Amazon able to sell physical and digital products, control distribution channels, and sell significant infrastructure? I am no monopoly expert, but in my opinion, AWS is a significant competitive issue. Did we learn nothing from US Steel and Standard Oil? Has the Clayton Act been ignored? It seems like the Sherman Act matters as well: companies all agreeing, within hours, to ban certain apps or content. That’s not competition.


You're ignoring the comment you're replying to. It's not 'two to tango', it's the network effect Facebook deliberately set up and perpetuates thru growth and acquisition.


People don't care enough because it's a privacy inconvenience vs all their communication with their family and friends. There's little that will tip that scale.

The answer is probably strong anti-competitive legislation that makes it easier to move service, easier to inter-operate between services, and making services more granular.


> If customers do not care enough to stop using the product then there is no harm

If you quit using FB and were still leaked, now what? If you were leaked because they hold a shadow account?


Good point! What do you think we should do about this problem? Ban companies from holding onto data when they are deactivated? How would we enforce that?

The problem is even worse: if your friend shares their contact list and that is the data that gets leaked, what then? I think that brings into question the entire idea of a phone number belonging to one person. A friend can give consent to share your information. Maybe we are focusing on the wrong set of problems?

Maybe phone numbers / email addresses being leaked is a problem that cannot be solved and instead we should focus our efforts on spam filtering or being able to easily change those identifiers.


I think they should notify everyone affected. Provide them with what was leaked, when, how, and how it's been patched. And also provide the user the ability to have all the data permanently deleted from their datastore if they desire.


No, societies recognize that everyone shouldn't need to be a doctor/engineer/financial analyst to avoid harm in daily activities, so we collectively empower regulators like the FDA/FAA/SEC to protect us from unfettered capitalism.

Likewise we shouldn't expect people to all be computer security experts, but we should expect regulators to keep us safe by creating standards and enforcing penalties for companies failing to meet them. I'm not saying we need a new regulatory agency, but we do need enforced regulation with scalable teeth.


> No, societies recognize that everyone shouldn't need to be a doctor/engineer/financial analyst to avoid harm in daily activities, so we collectively empower regulators like the FDA/FAA/SEC to protect us from unfettered capitalism.

This centralizes power to a few at the expense of the many. Furthermore I deem the social contract to be unethical so I would not include myself in the "everyone" camp. I'd much rather see watchdog organizations regulate the market.


You the individual have no power to make Facebook, or any large organization, change its behavior. To it, you are like an ant is to a human. There is no "at the expense of the few" when you have nothing.

But just as a colony of ants can destroy a house, so too can we puny humans, when united, extract demands from huge corporations. Individual regulators do the actual fighting, but they do so on our behalf, with our collective backing.

(Side note: so cool of you for disagreeing with the social contract, though your edgy dissent is only possible because the majority do accept government.)


Agree. Insurance companies can play a part in that as well. Requiring certain standards be met before writing coverage or covering a loss.

However, the FTC needs to play a bigger role in enforcing Clayton. Facebook should never have been allowed to buy Instagram or WhatsApp.


Unfortunately it's not as simple as that when large scale network effects are involved.



