The third largest breach ever just happened in Finland. Passwords were stored in plaintext. At T-Mobile Austria, they explain that of course they store the password in plaintext, but they have so good security so it's nothing to worry about. At what point does this become criminally negligent?
(Score: 2, Insightful) by Anonymous Coward on Sunday April 08 2018, @05:00PM
We need to be clear on the role of government and this is a fair use of regulation. We already have baseline legal requirements for consumer contracts so you can sign credit agreements in confidence without having to hire a lawyer to go over the small print. Every time you click "I Agree" on a web site, it's the same thing and it extends beyond consumer protection. For example: Low level employees in businesses have to sign up for online accounts all the time, often without the executive authority to enter into contracts on the part of the company.
I honestly don't see how anybody could reasonably object to a well drafted law (or international treaty) covering data protection, liability and baseline statutory requirements for online contracts. I do though appreciate the concern governments would turn it into a power grab.