> Their inability to route that information to the right person should not be a valid defense or else incompetence becomes a business advantage.

I don't mean to sound trite but hasn't it pretty much been proven to be already?

Look at things like the Equifax situation. A competent team performing security reviews and fixing and maintaining things would cost money. Repeat for N data breaches. And that's just software security -- it doesn't consider even more serious cases like those of infrastructure failures (bridge collapses, levee failures, dams breaking etc.) that have more important consequences.

I agree with what I believe was the main point you were making which is that SEGA should not be excused here. I just think businesses have come to view competence as being expensive and so it's optional, and that this seems to be somewhat okay with people until it directly affects them.

Well the law was basically written by the big media companies, so we're lucky that there's any recourse at all.

More generally: we need a legal framework that makes people deploying automation responsible for what the automation does to the same extent as they would be if they hired people to do the same work. "It's a false positive in an automated system" should never be acceptable justification for invalid legal action, nor should it be used as extenuating circumstances. Either you're prepared to pay for the mistakes of your algorithm, or you should not be deploying the algorithm at all.

IANAL, but I think it's when, in a follow-up lawsuit, they find emails or other such evidence showing the takedown submitting party did so with knowledge that it was a false notice ahead of time. If you can't find something like that, then it stays negligence.