Do we know what data was harvested? Cause if its data that's supposed to be private then yeah, that's some murky business. If its public info, or info that can be accessed if you give an app permission to log-in, then is that really a "breach"?
I mean, it's terrible and CA was definitely misusing it, but if I install an app and it asks for permission to use my location and my contacts, and I grant them, is that a break of trust and a breach of the law on the Apple/Google front? What should Apple/Google be doing to protect my privacy?
Legit questions here; I do hope something is figured out and less people fall into this kind of trap. I've heard of Android games whose purpose actually is to harvest a ton of personal info. Apple seems to veto its apps better, and maybe that's the solution-- Facebook should veto 3rd parties better (Google should too, before something like this hits the fan).