Yes, public apathy is the biggest roadblock to most meaningful reform (in all aspects of life and politics, not just FB/big tech).
But looking at it another way, the sheer volume of incidents has got to some how desensitize the vast majority of people out there. Personally, probably half of the companies that I regularly do business with have had some major data breach within the last few years. But nothing ever comes of it - no real punishment, no new meaningful requirements to protect their infrastructure, and no specific harm to me personally. So should I stop interacting with these companies? What about all the other companies out there where it’s just a matter of time before their own data breach? Should I eschew all technology and go back to the barter system? I think the genie has already been let out of the bottle and maybe we need to look at solutions assuming that data breaches will happen and how to protect people after the fact rather than preventing them in the first place.
But looking at it another way, the sheer volume of incidents has got to some how desensitize the vast majority of people out there. Personally, probably half of the companies that I regularly do business with have had some major data breach within the last few years. But nothing ever comes of it - no real punishment, no new meaningful requirements to protect their infrastructure, and no specific harm to me personally. So should I stop interacting with these companies? What about all the other companies out there where it’s just a matter of time before their own data breach? Should I eschew all technology and go back to the barter system? I think the genie has already been let out of the bottle and maybe we need to look at solutions assuming that data breaches will happen and how to protect people after the fact rather than preventing them in the first place.