I think the "therefore we should implement it well" is not forgotten, it's elided because we don't think it's likely to happen.

Tech-naïve people think that we can build super duper encryption systems.

The more jaded amongst us know that people can get sloppy or complacent, it's rare to see a regulatory system that truly incentivises good practice, data breaches will happen eventually, and no-one will be held accountable.

This is a big one in recent memory: https://www.theguardian.com/uk-news/2020/jun/10/babylon-heal...