> The point, that you appear to have missed, is that the argument
Excuse me, but your approach to this conversation has been rather uncharitable. The assumption, that you omitted from earlier replies, is
>> Your trove of personal data has monetary value...
> is exactly the same as
>> Your trove of actual money has monetary value...
Which is factually incorrect, which is why I was unable to read your mind in this particular regard. Rather than present your concerns with an omission in my answer in a clear and constructive manner, you challenged me to defend a position that I have zero interest in taking. The latter half of your response here is clearer, so thank you for taking the time to explain your concerns.
> The person who isn't concerned about privacy is, and you still haven't done anything to convince them, because banks.
That's the conclusion you've jumped to. Next time, this could be rephrased without the implication that I'm an idiot for not jumping to the same conclusion. A more generous approach to this conversation could look like, "Can you explain how data stored by an online company differs from money held by a bank? I don't think your argument is adequately differentiates the two."
As you note, "information is not like money." What I presented was a process by which the monetary value of information can induce people to steal it. As you note, money is fungible, and data is extremely personal -- so these assets are not exactly the same.
With regards to banks. A bank robber does not have the power to empty your account -- only the bank's cash on hand. This isn't the wild west, banks are insured, and cash on hand is an insignificant fraction of a bank's holdings. If an employee embezzles, there is a remote chance that your personal account will be targeted. However, banks are regulated and these actions will be traceable and correctable -- you might be broke for a few months, but you'll almost certainly get your money back. As we have both mentioned, banks are not without risk -- but there is significant infrastructure in place to mitigate that risk. For instance: if you have $1m in cash, you might want to proceed with extra diligence when entrusting it to a bank -- FDIC only insures deposits up to $250k.
As you note, there's no take-backs when your data is stolen or scummed. There's a possibility that your livelihood will be ruined, and that loss can actually exceed $1m. Your identity is not insured in the same manner as bank deposits.
Companies which peddle personal data have almost zero regulation -- the actions of employees and hackers may be traceable in some cases, so they might face punishment. But that punishment will not remediate the damages you'll face -- and if they are caught, you can try to sue them, but you likely won't receive even a fraction of the damages.
> Ok, now explain why I should trust a bank with my money, but not $any-internet-company with my personal info.
Instead of a good faith response, like, for example "money and personal information differ, here's why", you said
> Trust is an emotion, I won't rationalize it for you. You can distract yourself and others with math and rules and sturdy construction, but there's always sidechannels.
Which is mostly meaningless to me, and I'm quite confident completely meaningless to someone who isn't familiar with security.
Excuse me, but your approach to this conversation has been rather uncharitable. The assumption, that you omitted from earlier replies, is
>> Your trove of personal data has monetary value...
> is exactly the same as
>> Your trove of actual money has monetary value...
Which is factually incorrect, which is why I was unable to read your mind in this particular regard. Rather than present your concerns with an omission in my answer in a clear and constructive manner, you challenged me to defend a position that I have zero interest in taking. The latter half of your response here is clearer, so thank you for taking the time to explain your concerns.
> The person who isn't concerned about privacy is, and you still haven't done anything to convince them, because banks.
That's the conclusion you've jumped to. Next time, this could be rephrased without the implication that I'm an idiot for not jumping to the same conclusion. A more generous approach to this conversation could look like, "Can you explain how data stored by an online company differs from money held by a bank? I don't think your argument is adequately differentiates the two."
As you note, "information is not like money." What I presented was a process by which the monetary value of information can induce people to steal it. As you note, money is fungible, and data is extremely personal -- so these assets are not exactly the same.
With regards to banks. A bank robber does not have the power to empty your account -- only the bank's cash on hand. This isn't the wild west, banks are insured, and cash on hand is an insignificant fraction of a bank's holdings. If an employee embezzles, there is a remote chance that your personal account will be targeted. However, banks are regulated and these actions will be traceable and correctable -- you might be broke for a few months, but you'll almost certainly get your money back. As we have both mentioned, banks are not without risk -- but there is significant infrastructure in place to mitigate that risk. For instance: if you have $1m in cash, you might want to proceed with extra diligence when entrusting it to a bank -- FDIC only insures deposits up to $250k.
As you note, there's no take-backs when your data is stolen or scummed. There's a possibility that your livelihood will be ruined, and that loss can actually exceed $1m. Your identity is not insured in the same manner as bank deposits.
Companies which peddle personal data have almost zero regulation -- the actions of employees and hackers may be traceable in some cases, so they might face punishment. But that punishment will not remediate the damages you'll face -- and if they are caught, you can try to sue them, but you likely won't receive even a fraction of the damages.