Asking for a friend (who also thinks there should be a law against offshoring the responsibility to safeguard said data.) There should also be a Congressional hearing to determine whether or not you can call yourself an "American Company" if you offshore the lion's share of the workforce.
3 replies (most recent on top)
If the data is viewed in india, the data is moved to india just by viewing.
Doesn't matter if it's two factor, encrypted, or key encoded. Data has to be sent to a destination to view.
Data is only as secure as the person who views it is.
Does the actual data leave the US or is it just viewed on servers in India?
@ghe+1pOJ6bmH :
I can most certainly trust that ANY corp will protect my data*
as much as they need to in order to offset penalties/fines/bad publicity/lawsuits, or at least as long as any statute of limitations holds the decision makers liable after they bail and go somewhere else. As long as the majority of people keep thinking that all of this "convenience" is free and "their info isn't worth anything anyway" and no one does anything too stupid so that those fringe people whining about our hard working lobbyists actually start getting taken seriously. As long as no one that matters* is involved in a breach, they'll just get more and more commonplace (like homeless people - eventually, you don't even notice). Heck, no one's even bothering to offer "free random info dark web something or other looksees for a year" to breach victims anymore. And if someone DOES ruin our good thing, then we'll just have to demonize whatever measures are put into place to clamp down - regardless of whether or not the measures are reasonable. It's all good.