Quote Originally Posted by Stephen Biko View Post
Again - its the difference between systemic and one-offs. The law prevents them from designing a system that abuses that information - no way would they be able to implement a program of selling that information to anyone and if an attorney wanted access to the information it would require judicial oversight in the form of a subpoena.
I think we're talking past each other here. All I'm saying is that the probability and impact of identity theft is not necessarily determined by whether the threat can be classified as "systemic" or "one-off." What's the difference between a guy in China hacking into a military personnel database vs. a VA employee accidentally bringing thousands of SSNs and medical records home with him on his laptop? They can both result in the same level of damage, and we're at risk for both all the time. And the reality is that it's much more likely that you'd lose your privacy via a "one-off" mistake made by an insider with ready access to your data.