seven_phone@lemmy.world
on 30 May 16:24
nextcollapse
Why do you require me to give so much personal information to make a simple purchase, isn’t it a security hazard?
We take security very seriously and guarantee your information is kept safe from any potential threat.
…
Our servers are currently down due to a security breach, we are looking into it and have learnt lessons and will provide a guaranteed secure environment for our users going forward.
But what about the first guarantee you gave, will you make good any losses I incur from the theft of my data from your servers.
Hello?
Hello??
SharkAttak@kbin.melroy.org
on 30 May 20:41
nextcollapse
I’ve said it before, there’s really only one way to make user data safe. Nations that want their citizens’ data to be safe need to pass laws that make exposing that user data extremely (cripplingly) bad for companies.
The penalties need to be so harsh that the fines could put them out of business. Companies should not want to hold user data, they need to think of user data like toxic waste, more of a liability than a valuable resource. When companies need user information to operate they can utilize “data handler” companies, firms that specialize in secure storage and and cryptographic systems. Companies that would actually be willing to risk holding user information. These companies can provide APIs for other organizations to access the user data when needed. But to be clear, most companies will not want to store that data locally, because the risk of exposure could be ruinous to the company.
There’s an extra benefit of this plan too. Most organizations don’t hold user data, they pay someone better at it to hold it for them. Because they need to pay for API access, they’ll use the data sparingly, not frivolously throwing user data everything, tracking users on the web, or sharing data with advertisers. Having to pay for access will make companies use our data less.
This is a good idea. I think one risk, though is that the specialist companies that hold all the personal data then become massive targets and a single breach would be catastrophic.
Still better than the way things currently are, though.
That is definitely a concern! But as the company’s entire future depends on their digital security policies and practices, I expect them to take it pretty seriously. There couldwill certainly be shitty companies, but hopefully they won’t last long and the reliable companies will survive.
threaded - newest
Why do you require me to give so much personal information to make a simple purchase, isn’t it a security hazard?
We take security very seriously and guarantee your information is kept safe from any potential threat.
…
Our servers are currently down due to a security breach, we are looking into it and have learnt lessons and will provide a guaranteed secure environment for our users going forward.
But what about the first guarantee you gave, will you make good any losses I incur from the theft of my data from your servers.
Hello?
Hello??
Dasvidania
Is that “goodbye” in Russian? Why?
I’ve said it before, there’s really only one way to make user data safe. Nations that want their citizens’ data to be safe need to pass laws that make exposing that user data extremely (cripplingly) bad for companies.
The penalties need to be so harsh that the fines could put them out of business. Companies should not want to hold user data, they need to think of user data like toxic waste, more of a liability than a valuable resource. When companies need user information to operate they can utilize “data handler” companies, firms that specialize in secure storage and and cryptographic systems. Companies that would actually be willing to risk holding user information. These companies can provide APIs for other organizations to access the user data when needed. But to be clear, most companies will not want to store that data locally, because the risk of exposure could be ruinous to the company.
There’s an extra benefit of this plan too. Most organizations don’t hold user data, they pay someone better at it to hold it for them. Because they need to pay for API access, they’ll use the data sparingly, not frivolously throwing user data everything, tracking users on the web, or sharing data with advertisers. Having to pay for access will make companies use our data less.
This is a good idea. I think one risk, though is that the specialist companies that hold all the personal data then become massive targets and a single breach would be catastrophic.
Still better than the way things currently are, though.
That is definitely a concern! But as the company’s entire future depends on their digital security policies and practices, I expect them to take it pretty seriously. There
couldwill certainly be shitty companies, but hopefully they won’t last long and the reliable companies will survive.WWIII being fought with 1’s and Zeros.