> Back in the AT&T monopoly it required a third-party device (the Carterphone) to actually be released on the market for their anti-competitive terms to be challenged and eventually struck down in court.
That's so american to think that another company should fix this. It's the state's responsibility to fix that, if people want it.
> How? If an idiot user gives their credentials to a shady third-party, it's the user's fault for compromising their own data, not Meta's. If a user were to print out pages of the Facebook web UI containing private data and then start distributing them in the streets, would you also blame Meta, and not the user? What about if the user writes down the private data manually, and then distributes it? Etc.
I mean content and distribution. Also, providers might be liable for not protecting the user enough. Sorry but your other examples are stupid and totally not what I meant.
> Is there any evidence they captured or misused the proxied data for beyond what's needed to provide the service?
I bet you take care of security in your job ... not. "ThEy DiDn'T aBuSe AnYtHiNg (yet)".
> Someone who's actually interested in setting the legal precedent that would allow this behavior and invalidate ToS preventing it?
Still, liability is a bitch, as you can see. The risks were all laid out quote clear beforehand.
> It's the state's responsibility to fix that, if people want it.
So let's say there's a bad law on the books that prevents this. How do you get people to understand why they should revolt against it without giving them a tangible example? There's plenty of bad laws out there such as the CFAA, yet it's virtually impossible to get people/politicians to care about it because they're not affected by it directly. On the other hand, giving people a tangible example of why the law is bad, such as by breaking it to deliver something valuable, will immediately get people's attention when that valuable service stops because of the law and they got used to relying on the service.
> providers might be liable for not protecting the user enough
How do you effectively protect the user when they are voluntarily giving away their credentials? Furthermore, is it even "protection" (as opposed to rent-seeking) if the user consensually and voluntarily shares their credentials because they trust the third-party?
> I bet you take care of security in your job
Well my security model is that the user is only allowed to access the data they are entitled to. If the user gives away their credentials voluntarily, despite all warnings, there's really nothing I can do, and maybe I shouldn't do if it turns out the third-party is actually operating a legitimate service that the users find valuable.
> Still, liability is a bitch, as you can see
Well, all of this will have to be determined by courts, and ultimately depends whether there's any money to be collected in the first place. This entire operation may have been planned ahead of time with the company structured in such a way that there's nothing for Facebook/Meta to collect even if they end up winning any eventual lawsuit.
That's so american to think that another company should fix this. It's the state's responsibility to fix that, if people want it.
> How? If an idiot user gives their credentials to a shady third-party, it's the user's fault for compromising their own data, not Meta's. If a user were to print out pages of the Facebook web UI containing private data and then start distributing them in the streets, would you also blame Meta, and not the user? What about if the user writes down the private data manually, and then distributes it? Etc.
I mean content and distribution. Also, providers might be liable for not protecting the user enough. Sorry but your other examples are stupid and totally not what I meant.
> Is there any evidence they captured or misused the proxied data for beyond what's needed to provide the service?
I bet you take care of security in your job ... not. "ThEy DiDn'T aBuSe AnYtHiNg (yet)".
> Someone who's actually interested in setting the legal precedent that would allow this behavior and invalidate ToS preventing it?
Still, liability is a bitch, as you can see. The risks were all laid out quote clear beforehand.