The alternative perspective you're presenting sounds to me utterly cavalier about the prospect of ruining people's lives. It's like Equifax's attitude towards identity theft: it doesn't affect their profitability, so why care?
It's because such blithe dismissal of the damage caused by data gathering is so prevalent in the industry that the likelihood of devastating compromise is so high and the costs borne by the populace are spiraling upwards.
Some data should never be collected. Some data should never even be uploaded.
The problem I have is that you are conflating potential damage and actual damage as the same thing, which is not how you accurately measure risk.
I am honestly confused as to how you interpreted my last comment as "utterly cavalier about the prospect of ruining people's lives", when all I said was that your assumption doesn't take into account the actual probability of data being leaked and it doesn't weigh any of the benefits of data collection against that risk.
Small-likelihood times many-chances times grave-consequences equals a finite but significant number of lives wrecked. A gamble you deem acceptable.
I can only hope that karma visits those who arrogate to themselves the decision to sacrifice a few of their fellow human beings: may they and their loved ones become the sacrifices.
It's because such blithe dismissal of the damage caused by data gathering is so prevalent in the industry that the likelihood of devastating compromise is so high and the costs borne by the populace are spiraling upwards.
Some data should never be collected. Some data should never even be uploaded.