[threwawasy1228]

>don’t forget that these users consciously gave Facebook their passwords.

There is a lot of legal precedence about social engineering and how to prosecute it, this would completely fall under fraud. If I ask someone for their password to perform some service and they then I copy all of their data, that is a crime regardless of how stupid they are.

This really doesn't matter at all in a case of fraud if you gave the password willingly, it is under false pretense. If someone asks me to give them something so that they can provide a service or take those things as an investment. I willingly give them those things yes, but we have a written, verbal, or implied contract that they will do and will not do certain things with that information. Failure to follow our agreement and instead robbing me is a crime.

[dahart]

Hey I’m 100% with you. I’m not defending Facebook, and it’s crazy they ask for passwords. But just because Facebook’s at fault doesn’t mean that it’s okay as a user to give out your password, nor does it mean that you lost any money when contacts are copied, right? The words “stealing” and “robbing” don’t really convey what happened here, even in the case Facebook isn’t telling the truth.

[threwawasy1228]

You are saying that the words 'rob' and 'steal' don't convey what has happened here, but this is only true in the colloquial sense. There is a good reason why many legal codes and laws start off with a exhaustively long list of definitions. Legal definitions often are different in very subtle ways that maybe aren't apparent at first glance.

If you don't think that this is the proper framing, maybe consider a different one. It is clear that there is definitely room to interpret this as a civil or criminal act regardless of how the parties craft their arguments. For example, imagine an employee that copies company data, even if it has no actual value under their authorized username/password on the last day of work. This is often charged as a clear criminal offense. So to reiterate, employee with authorization to access dataset, copies a large dataset with no obvious monetary value on their last day of work, but one that they weren't given permission to copy. There are cases that have been literally this, and it is easy to see how this incident could line up with this legal approach.

I think you are fixating too much on a critique of the specific charge listed by the top of this thread. I was defending the idea that there would probably be a way to go about mounting a case in that way. You seem to think that this is the incorrect legal framing for this, which is totally fine. The legal process is more of a subjective art than a science.

[dahart]

What made you think I was fixating on anything? I just agreed with you that Facebook's action is at least negligent and could be criminal. I guess I'm fine with the word stealing in the sense of information theft. Still, Facebook claims it was an accident and that the data is being deleted. It might have been intentional, but I'd wait to call it intentional until proven, even though they've done it intentionally in other cases. :)

All I'm really saying is, no matter what, don't give out your password. And if you do, don't pretend to be shocked when something bad happens.