
> A better example: a customer loses their driver's license/bank card and a thief finds it and calls a bank to do transactions, using the info on the card to verify identity... A bank can only do so much to protect their customers. If someone is willing to leave their info lying around, there isn't much that can be done.

I don't understand this argument at all. Are we talking about customers leaving their information "lying around" or customers entrusting it to Netflix? I entrust my money to a bank: I give it to them. Customers entrust their transaction history to Netflix. Nobody is talking about customers leaking their private information to third parties, we are talking about the equivalent of the bank publishing the customer's driver's license information in a newspaper with their name obscured.

p.s. Now that I've established that I don't think this example is particularly relevant, I will share a story: Several years ago I returned from vacation to find a phone message from my bank. Someone had used what appeared to be my ATM card to withdraw $1,000 from my account while I was in Honduras. Of course I was the victim of some kind of skimming and cloning operation. The bank reimbursed me in full.




>> we are talking about the equivalent of the bank publishing the customer's driver's license information in a newspaper with their name obscured.

It's more like the DMV publishing driving record history with any identifying info removed, and then these people putting up some info on their driving record (along with identifying info) on a second website/db. Then someone can use this second website (and the cross-correlation algorithm) to id their record in the DMV publication and get more info on their driving record. Had those people not put any info on the second website, their record could not be identified in the DMV publication.

I'm not saying Netflix is innocent if they knew that such a cross-correlation algorithm existed. I'm just saying that I don't want to live in society where a company can be sued for everything that can go wrong, at least when that company is taking every precaution using state of the art knowledge. If Netflix failed to hire db security experts to notify them on this possibility, then yes sue them. I don't know enough about db security to say if this hole was known when Netflix launched the contest.

>> The bank reimbursed me in full.

Nice.


> I don't want to live in society where a company can be sued for everything that can go wrong

Well, it isn't for me to argue with what kind of world you want to live in. Those are your authentic feelings and you're entitled to them.

> If Netflix failed to hire db security experts to notify them on this possibility, then yes sue them.

I don't know how lawsuits actually go, but in principle at least the idea of a lawsuit is for Netflix to stand up and say "We did this and this and this" and for the plaintiffs or whomever we call them to say "yes but you failed to do this and this" and for a judge and/or jury to decide the case on its merits.

That's a nice fantasy, of course. In reality there's all sorts of backroom wrangling and juries baited into hating the big bad company and what-not. But in principle, a civil suit provides both sides an opportunity to make their case just as you say.



