I don't know about US contract law, but some jurisdictions require special notice for "unusual" terms.
Just because the EULA was accepted doesn't mean it is fully valid.
Can you expand on this from a technical perspective?
> distinction between them doing it and you breaking into a system and doing it.
I think a more accurate comparison would be you being given access to a system to perform some work, but then accessing files and performing operations, such as exfiltrating that data, outside the scope of your work.
I didn't mean to scrutinize - I just know very little about browser exploits, especially details, and thought there was some specific attack for browser history.
> The apps in question were collecting users browser history and sending files, including user passwords, in a ZIP archive to a remote server.
I remain numb as to how little accountability there is in tech. The abuses taking place now for too long - even out of sheer laziness (ie, not updating or patching software) - is mind-blowing.
I suppose the moment you hold a single company accountable, you're forced to hold the entire abusive industry accountable.
> I was really shocked how no one cares.
Of course people aren't willing to care that much when they're unwilling to give up something they're currently getting 'for free'.
... But you're right, we should care.
I'm skeptical that this is the whole story. And really, why should the benefit of the doubt still be given to companies collecting this kind of data for dubious (stated) reasons without an explicit opt-in?
I'm asking because I haven't installed an app myself yet through the Mac AppStore which would explicitly ask me to accept any terms.