This approach intelligently deals with violations of regulatory guidelines that does not have to apply a ‘one size fits all’ solution when different types of violations deserve different outcomes.

Regulations are meant to guard consumers and companies from harm, but if the intent to harm is not present,or if there is no real harm to consumers the response should not be identical to the response when the harm is real, or intentional.

How and When Regulators Should Intervene | The Information Technology & Innovation Foundation.

This shouldn’t surprise anyone who thinks about it.  It just reinforces the need to hold companies, or whomever is holding your data accountable for what they do with that data.  You might not even know that they have information about you, if they are not accountable, to you or to some other entity they will do what is best for them – not you.

 

Just four credit card clues can identify anyone – tech – 29 January 2015 – New Scientist.