Sure, but there are different kind of mistakes. Surgeon can make a mistake, but it's a different kind of mistake if instead of a surgeon, a plumber cuts the patient with a kitchen knife.
I agree it's a difficult problem and it's hard to define boundaries, but some level of competence is welcome when handling data that belongs to other people.
If you start some internet service, I expect you not to lose my data (in some lame way, s.h.), just like I expect my car mechanic not to destroy my engine.
edit: to give it context, I closed my programming website with thousands of active users that I had for almost 20 years because of GDPR, I'm not a big fan of it, but what I like even less is when complete incompetence when handling personal data results in zero consequences
I agree it's a difficult problem and it's hard to define boundaries, but some level of competence is welcome when handling data that belongs to other people.
If you start some internet service, I expect you not to lose my data (in some lame way, s.h.), just like I expect my car mechanic not to destroy my engine.
edit: to give it context, I closed my programming website with thousands of active users that I had for almost 20 years because of GDPR, I'm not a big fan of it, but what I like even less is when complete incompetence when handling personal data results in zero consequences