• demesisx@infosec.pub
    link
    fedilink
    English
    arrow-up
    9
    ·
    10 months ago

    Disagree if you add the three different factors that I added to account for this in my original comment:

    As I wrote in my edit, I think the size of fine should be dependent on:

    • size of company

    • the reasonable expectation of security (which would partially attempt to decrease fines for unfixable breaches)

    • the number of unique users affected

    • theneverfox@pawb.social
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      I think that’s a great starting point for effective legislation.

      I also think this could easily be twisted to become yet another artificial barrier to entry.

      I don’t know what to do with that knowledge…I think you’re correct, but I also think there’s no way to pass such a law with its spirit intact today

      • demesisx@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        I’ll put the ball in your court.

        I’ve completely and irreparably broken up with electoral politics in the United States ever since my tax money started being spent solely on austerity and genocide. It’s about as likely for this to be introduced as a bill as it is for a third party to win a presidential election…ie IMPOSSIBLE.