>Perhaps you're making an assumption that "normal citizens" receive legal threats regularly?
I consider myself a normal citizen and I receive "legal" and "illegal" threats regularly, the very vast majority being scam attempts of course.
Recently e.g. scammers keep telling me that my website's imprint is not up to code[0], either threatening to sue or outright claiming they are in fact a law firm and want a cease-and-desist and compensation for their law work, of course.
I also noticed how the Indian and Pakistani "security researcher" scammers[1] telling me about "major vulnerabilities" in my website - aka missing DMARC/DKIM headers (which are not even missing) - also started telling me how one can be fined under the GDPR for "bad security".
All joking aside tho, I get how some people may be scared by things like the CCPA emails, or the kind of emails I mentioned (if those didn't work enough times, scammers would have stopped by now). When I just read that particular email in the article, I didn't see a legal threat, but that's just me of course. Other people might read it differently, and I cannot fault them for that. I remember being concerned myself the first time one of those "imprint" scam emails made it through the spam filter.
[0] In Germany, commercial websites are legally required to have an imprint, and everybody can basically sue you if you mess that up, that much is true. It's also true that courts regularly rule that if you profit even from a private website, e.g. by displaying ads, then your website is in fact commercial and requires that imprint.
[1] This isn't to denigrate all Indian or Pakistani people, of course. It's just that the "security researcher" scammers I encountered thus far all operated from these two nations.
[2] Ranging from "homosexual" to "child". I wouldn't consider adult gay porn "bad" myself at all (just not interesting to me), that's their definition. It's quite interesting to me to see how they try to phish for closeted gay people more often than for pedophiles, at least anecdotally from what makes it to my spam folder. My guess is that the number of people who actually watch gay porn and are ashamed of it largely exceeds the number of people watching child abuse porn.
[3] I received those "huge money - pay fee" scam emails more than 20 years ago, and I still receive them today. Cannot argue with success, I guess?
I consider myself a normal citizen and I receive "legal" and "illegal" threats regularly, the very vast majority being scam attempts of course.
Recently e.g. scammers keep telling me that my website's imprint is not up to code[0], either threatening to sue or outright claiming they are in fact a law firm and want a cease-and-desist and compensation for their law work, of course.
I also noticed how the Indian and Pakistani "security researcher" scammers[1] telling me about "major vulnerabilities" in my website - aka missing DMARC/DKIM headers (which are not even missing) - also started telling me how one can be fined under the GDPR for "bad security".
As for the "illegal" threats... I, according to scammers at least, watch a lot of "bad" porn[2] and they know about it because they hacked me, and recorded me on my own webcam. But if I paid them some BTC/monero/whatevercoin ("Follow this link to learn how you can easily buy <coin>"), they wouldn't rat me out to my family/friends or the police. I guess I will just have to pay them, but then again I have a HUGE payday coming from that nice Nigerian prince and another from that fantastic Singaporean economic attaché... once I send them some bucks to cover processing fees, of course[3].
All joking aside tho, I get how some people may be scared by things like the CCPA emails, or the kind of emails I mentioned (if those didn't work enough times, scammers would have stopped by now). When I just read that particular email in the article, I didn't see a legal threat, but that's just me of course. Other people might read it differently, and I cannot fault them for that. I remember being concerned myself the first time one of those "imprint" scam emails made it through the spam filter.
[0] In Germany, commercial websites are legally required to have an imprint, and everybody can basically sue you if you mess that up, that much is true. It's also true that courts regularly rule that if you profit even from a private website, e.g. by displaying ads, then your website is in fact commercial and requires that imprint.
https://www.bmjv.de/DE/Verbraucherportal/DigitalesTelekommun...
[1] This isn't to denigrate all Indian or Pakistani people, of course. It's just that the "security researcher" scammers I encountered thus far all operated from these two nations.
[2] Ranging from "homosexual" to "child". I wouldn't consider adult gay porn "bad" myself at all (just not interesting to me), that's their definition. It's quite interesting to me to see how they try to phish for closeted gay people more often than for pedophiles, at least anecdotally from what makes it to my spam folder. My guess is that the number of people who actually watch gay porn and are ashamed of it largely exceeds the number of people watching child abuse porn.
[3] I received those "huge money - pay fee" scam emails more than 20 years ago, and I still receive them today. Cannot argue with success, I guess?