This article – "Personal Records can never be safe", states the blooming obvious, it seems to me, which is why I keep saying that the tenor of debate has to be shifted to encompass public education about the realities and how people can protect themselves.
It does not, of course, mean that we should not make our systems as secure as they can be, and win the public's trust; nor does it mean that the public should not trust us with their information.
However, part of winning that trust is being honest and realistic about the protection that can be provided. Among the realities are that human nature will always be a factor, which encompasses criminal intent, incompetence and error; and the increasingly sophisticated security that we provide may always be matched by increasing criminal ingenuity.
It was ever thus. The crucial issues are ensuring that any system failure (security breach) is detected promptly, and measures can be taken to swiftly repair any damage.
I worked at home today.