Yes, buyers should be prepared by encrypting their information, but vendors should also help mitigate those risks by knowing how to use PGP and not treat it like an unnecessary burden.