Originally Posted by easy-v
Holding a software vendor to that standard smacks of ignorance.
Whoa there, Bucky. No need for name calling.
If I am an application vendor and I write a program which substantially threatens the security of my customers, I can and probably will be held liable, END OF STORY.
Disregarding the current legal climate in the US/UK or any country with regard to data security will not make it go away.