* Posts by The Original Anonymous Coward

1 publicly visible post • joined 13 Nov 2019

UK Info Commish quietly urged court to swat away 100k Morrisons data breach sueball

The Original Anonymous Coward

I'm surprised how little media coverage this case is receiving because it's possibly one of the most important lawsuits in recent history. Almost since the net went live people have hoovered up and used data and there is no such thing as a secure database. No matter what the financial or emotional costs to millions of individuals of a data breach, the perennial response is an empty apology occasionally accompanied with a nominal fine to a government body. If, as I hope, Morrisons lose this landmark case, every HR and legal department, in the UK at least, will panic and reconsider the basic instinct to hoard data and to transact with staff and customers wholly online. Most IT departments are unfit to prevent even fairly unsophisticated attacks and so a basic philosophical shift is required from holding data to not holding data. Either services should be structured wholly around the handshake principle in which data is briefly passed but not stored, or data should be kept only by security-skilled data storage providers who are fully insured to accept liability for any breach. Holding data might make life easier (and more interesting/useful) for organisations but there is very little actual need for it.