Steve Youngblood said:
I know you kind of address this, but I really, really wish people would stop making the disingenuous comparison between companies with tons of user data/money/possessions and the expectations therein to protect that, and random citizens' with their personal belongings and the expectations therein to protect those.
The core problem is that there's a ridicolous statement flying around that sounds more or less like "If you're storing my data, then you WILL be responsible if your security is breached".
Which equals to saying that companies that use personal and CC data are required to be 100% safe. Makes as much sense as saying "every post office should be robbery-proof".
It doesn't work like that. It's insane to even expect it works like that.
The only situation where Sony is responsible for the data it lost is the one where it's proven their security wasn't adequate. Being breached DOESN'T equal to not having adequate security. Being robbed DOESN'T equal to being careless.
In order to make such statements we should know it's positively possible to be 100% safe from any form of attack. If that isn't possible, than any judgement should be suspended until guilt is proven.
Instead we got this hysteria going on that internet databases should be magically safe and if they aren't, the companies who took the data are the culprit. Such a nice world we live in then, because I can imagine a small company wanting to start a business making indie projects without going through the official distribution channels and being unable to do so because they can't afford a multimillion worth online security deparment.
Let's have our priorities straight. IF tomorrow Sony is proven guilty, let's have them pay their dues. MEANWHILE, we have real criminals to pursue, eradicate and punish in an exemplar enough way to discourage any other lowlife to go and try to compromise our lifestyle again. Yet apparently that's a secondary issue.
