[nwsm]

> the archivists here exploited a vulnerability to create numerous administrator accounts on the system

I don't see any suggestion that they had elevated accounts or access. They directly hit parler's public backend server that powers the apps and website, asked it for as many posts as they could, and archived them. The backend did not require authentication to do this, and the posts were identified by auto-incrementing IDs, so it was trivial to scrape essentially all posts from 1 - n.

If we we had GDPR I think individual posters could probably sue the archivists? I'm not sure. Otherwise this is essentially webscraping, which doesn't seem to have been successfully prosecuted much [0].

[0] https://en.wikipedia.org/wiki/Web_scraping#Legal_issues