> Sometimes I wish data privacy laws were stricter
I think the laws and awareness are good enough atm, but no laws and probably no amount of knowledge or auditing will stop a data leak from indadvertedly occurring.
It happens relatively rarely that a large multinational food company poisons half its customers (or so I like to think), hence I would assume that laws and proper auditing can stop such problems.
In summary I have spent at least five to ten minutes (and likely more) on spam brought to me by Dropbox without any compensation. How about a fixed payout of, say, 100€ per leaked detail (username, password, email etc.), payable immediately to each customer? At least companies with bad security would be out-of-business soon.
I think the laws and awareness are good enough atm, but no laws and probably no amount of knowledge or auditing will stop a data leak from indadvertedly occurring.