laws because we can't do it for ourselves?

well, they're finally starting to round up some laws about data security.

and, like most things, i've got mixed feelings on the matter. on the one hand, i'm generally opposed to making a law anything that people can take care of themselves.

but, on the other hand, it's pretty much impossible to stop corporations (or private orgs and individuals) from collecting whatever kind of data they want to. and on that note, i'm still about the free flow of information--i'm not saying i _like_ being in all these thousands of corporate databases, but i _am_ saying that i feel anyone who wants to make a database of pretty much anything that's legally (and morally) acceptable to gather, should be allowed to do so.

but the thing is, most of the people and entitites building and maintaining these databases don't necessarily know a whole lot about security (or don't care or prioritze it correctly).

so, while i usually don't like the government stepping in to do things that people and companies should be taking care of themselves, it can easily be argued that they _aren't_ being taken care of.

if they do it right (which i doubt they will), maybe it'll stop incompetance like we saw back with cardsystems solutions when they lost forty million numbers and names that they weren't even s'posed to be _storing in the first place_!!

and that's it. they got off just fine. we should have dismantled that whole company (or at least given affected people the option of getting a new card number issued to them).

we've gotta take responsibility for our country or else someone else will...

--cid