It's the user's data, its not on 23andme to baby the user. If the user wants to trade ease of login with risk of getting hacked, that's not 23andme's fault.
if they’re hosting sensitive data, it isn’t “babying” the user to take some responsibility for the data your company exists on.
if they can’t take responsibility for it, then they’re too irresponsible to make money it.
it would be entirely reasonable for them to say “we don’t want anything to do with this data, we don’t want to profit from it, we don’t want to use it in anyway, therefor we will not retain it at all.”
babying the user by taking responsibility for the very data they profit from? unreal.
It's not always that clear cut, though; after all, wouldn't this argument apply to e.g. laws requiring seatbelts? One could argue that in this early-ish stage of electronic data, vendors that hold very sensitive data are being irresponsible. Not just about not requiring more secure authentication, but also for pushing less secure authentication like SMS-based authentication factors.
ApolloFortyNine|2 years ago
jonny_eh|2 years ago
Yes it is. It's their fault for giving the user a choice. Google requires (some) users to enable 2FA, why can't 23andme?
https://www.tomsguide.com/news/google-forcing-2fa-users
toofy|2 years ago
if they can’t take responsibility for it, then they’re too irresponsible to make money it.
it would be entirely reasonable for them to say “we don’t want anything to do with this data, we don’t want to profit from it, we don’t want to use it in anyway, therefor we will not retain it at all.”
babying the user by taking responsibility for the very data they profit from? unreal.
jchw|2 years ago
Clamchop|2 years ago
wilg|2 years ago