In the UK we have the ICO (https://ico.org.uk/) who have the ability to fine companies who fail to live up to their data retention polices and/or fail to take adequate security measures to prevent or contain a serious personal data breaches.
If the UK Government are determined to enforce companies having to validate user ID's to use the company's services, then the government better well be determined to enforce our data protection laws too. Governments can not have it both ways (esp as the UK government also want to role out new digital IDs that will need to be checked when getting a new job), demanding users hand over ID to access services but not kick butts when those services fuck things up is just idiotic (Ok its the government, they make being idiots a profession), but that's not the fault of the user.
I'm mad at both Discord (for not securing their customers data inline with their published polices), and at the government (for forcing them into collecting the data in the first place, if Discord didn't have the data to begin with it can not be exposed).
But I can not be mad as users of a service, who though no fault of their own just wished to continue to be in communication with their friends and were faced with the no-win choice of providing ID or being denied access to a communication platform.
(just to be clear, I was not breached in this leak so I'm not being salty about the leak, but I see the point of view of the avg user because I see how the avg person uses the net every day.)
I'd have much more sympathy if this was the first instance ever of a corporation being negligent with people's data, and nobody was expecting it. We have to expect it, now. Corporations have a horrible track record of irresponsibility, and governments have a horrible track record of not punishing them. Data breaches are absolutely routine. Knowing this, it's very foolish to hand over ID through the Internet to someone. The top poster in this thread[1] has it right. At this point, you have to assume everything you submit or type into a web site is public information--that's how bad companies have gotten.
I assume if I run out into the middle of the motorway, I'm likely to get hit by a car. That's why I don't do that.
1: https://news.ycombinator.com/item?id=45522379
> I assume if I run out into the middle of the motorway, I'm likely to get hit by a car. That's why I don't do that.
The problem with this is that governments are now requiring you to cross the motorway if you wish to continue having the friends you have already made, but promise that the motorways are now safe for you to cross and they will hold to account anyone who makes crossing motorways unsafe, and the DoT have said "Its fine, we have put in crossings on the motorway to allow you to do so safely!"
Your avg joe is going to take those reassurances made by multiple parties and assume the activity that would otherwise be risky is safe under these circumstances.
When people go on thrill rides at amusement parks and get injured because the operator or manufacturer fucked up, we don't blame the rider "saying they should know better, look at all of those ride failures in the news!", as they expected the ride to be built to a high standard, it be maintained, operated corrected, and have safety watchdogs keeping an eye on everything.
I find it interesting where society draws the line in victim blaming. Because it is absolutely a spectrum, and there isn’t really a pattern. Personally, I don’t victim blame in this case, except for the people that explicitly voted for these short sighted “think of the children” politicians, but of course there’s no way to single them out here.