boris feinbrand said:
Tell me you're not serious.
Why should BP be responsible for the Oil Spill. I mean we can't expect them to prevent all oil spills or being prepared for a disaster like that by employing state of the art technology.
There's a massive difference here - responsability for your
own behaviour is one thing, responsability for
someone else's behaviour is another.
That's the crux of the argument in a nutshell: translating the (sane) concept that a company needs to do all that is its power to make sure his operations are safe and so are the interests of those they work with into the idea that if any reason something goes wrong the company is
automatically responsible is insane.
It's absolutely batshit insane.
However, my point here was more along the lines of: why are we blaming corporations for something they may or may have not done instead of focusing on the fact that perfect internet security is damn expensive and thus assuming any company who doesn't make colossal investments into it is responsible (or co-responsible) in case of hacking means that a large amount if not the majority of indie companies and distributors aren't supposed to be in the business? Because the crux of this assumption is that basically nobody who's a giant megacorporation should be running online businesses, and even them should think about it.
Why should Tepco be responsible for handling the aftermath of the tsunami taking out the auxilliary power generator at their Fukushima Plant. We can't expect them to have state of the art security to run their business.
Are you aware that natural disasters are, for the most part, considered events out of your control in terms of responsability in almost if not every common and civil law systems?
I don't wanna start a too technical discussion, but legally the relevant word is "negligence". What you're trying to find out is: was the guy doing everything that was
reasonable in order to prevent or face events that could be
somehow predicted?
"Reasonable" doesn't mean "everything possible". There must be a relationship of proportionality. Some civil law systems call it the "family father's goodwill", but it generally boils down to the idea that there's a balance to strike between doing what you can to prevent hazards and not making your activity or business an excessive burden because of such requirement.
In short, it's not sufficient to be able to imagine a scenario where the hazard would have been prevented or resolved to assume it was the responsability of the involved party to provide for that scenario.
Hell, why should a bank have to secure their online transactions.
You're failing to understand the core point here: a bank MAY or MAY NOT be responsible if the data are stolen. If there's no negligence proven, they won't pay a penny (but they probably have insurances who will pay to avoid litigations and consumer backlash, not to mention the fact that most government force them to have insurances through law to avoid consumer damage). There's no mandate to have 100% security. It's an insane requirement.