John, I'll just stand by my opinion that the opinion that you now express is
not the one that will become "accepted jurisprudence" within even a year or so. As I've expressed before, we are still living in "the Happy Time" of "all this Internet new-stuff," in which millions of people are ... exposing themselves to vulnerabilities that they know not of. (Because, they have never existed before, in all of human history
or jurisprudence.)
Right now, people send "private" e-mails ... without envelopes. They spill their guts on Facebook ... because "only their friends" can see it, forgetting that Facebook can (and does). But, as perhaps the most immediate risk that could translate to "new and novel
terrorism," they are spewing their second-by-second
geolocation, as well as that of their children.
Superimposed over all of this is the
other, twin, set of enabling factors, which are like gasoline on the fire:
- "The Cloud™," which puts data-centers and data anywhere in the world where electric power (and labor) is cheapest, and conceals from public awareness exactly where "where" is.
- "Ignorant labor policies," which shamelessly encourage the importation of laborers from foreign lands, treats them poorly while they're in the land, and sends them back to their homeland periodically. "Cheap(er) labor" is the only, capitalistic concern, but the risks involved have not become public policy yet. The profession of software development is not yet recognized as "a profession." The strictures that are gradually being imposed on the handling of data do not yet include strictures on the people who effectively and typically have carte-blanche access to that data.
As I said, "the Happy Time." Unfortunately, when such gigantic vulnerabilities are allowed to exist,
someone can, and therefore will, exploit it ... and, unfortunately, in the most-savage way. (You can't outrun "knowledge of your habits and practices perhaps
But even so, we are already very-plainly seeing the cracks in the patina. We can't keep explaining away "data breaches" as the work of incredibly clever
far away hackers when anyone who's ever read a dime-store detective novel would come to the very obvious and much simpler conclusion: "it was
an inside job." (And then, when evaluating
where the data is, and
who has access to it, also has "the means
and the motive.")
When John Q. Public is finally confronted with this ... and let us pray that the confrontation
isn't commensurate with the demolition of three buildings in New York City ... the results will not be pretty for our starry-eyed industry. They will
sue, and they will
win "as a class." They will demand legislation, and it will come: the harsh, knee-jerk legislation that comes from legislatures that are themselves "running scared."
None of these outcomes are, in any way, "outcomes that I want." But I
do spend a lot of time reading
history books, and there are plenty of parallels between this and past technological improvements. The Internet, however, is
far more pervasive (and in several different meanings of that word), making it therefore far more risky. The "Happy Times" that we are now in, may turn very "Sad" indeed. Let us earnestly hope not ... but history suggests otherwise.