Do leaks render privacy policies worthless?
Or, put another way, are leaks a Privacy Policy get-out clause?
As long as fines are a drop in the ocean there's No Privacy. Having privacy -but thinking you do not- stops free thought and speech, so letting a lack of trust be the norm is basically the same as stifling free speech. An institution like the Court of Justice of the European Union could pay itself if it went after Big Business. The only conclusion I can draw is that no-one (or not enough) in power actually wants to stop leaks and give citizens both privacy and a feeling of trust. In other words, privacy policies are worthless without enforcement, which we don't have.
Why would they? Do inside job bank robberies make bank vaults obsolete?
Also, the mere fact that data is publicly available does not imply you can use it at will (https://iapp.org/news/a/publicly-available-data-under-gdpr-m...). If a company has data it isn’t allowed to have, and leaks it, it still isn’t allowed to have that data.