The one who has the private keys to that account could give them the ETH back, yeah. But if no one has the private keys, they cannot get it back; that would defeat the entire point of cryptocurrencies in the first place.
There are two types of accounts in Ethereum: externally owned accounts (EOAs) and contracts. EOAs are controlled by private keys, whereas contracts are not. Since the user sent ETH to a contract, he cannot get his ETH back if the contract does not have a method to transfer ETH back. Whereas if he sent ETH to an EOA, then the user of that account can send him back ETH.
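To illustrate the EOA/contract distinction in the comment above, here is an added Solidity sketch (not code from the thread or from any contract it discusses). The contract names `Sink` and `Refundable` are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical contract: accepts ETH but has no code path that sends it out.
// No private key controls a contract address, so with no withdrawal
// function, no selfdestruct and no delegatecall, the balance stays here.
contract Sink {
    receive() external payable {}
}

// Hypothetical contract: same deposit behaviour, plus an explicit refund
// path. ETH can leave only because the code says so.
contract Refundable {
    mapping(address => uint256) public deposits;

    // Plain transfers are credited to the sender. ETH forced in by other
    // means (e.g. a selfdestruct beneficiary) bypasses this function and
    // is not credited to anyone.
    receive() external payable {
        deposits[msg.sender] += msg.value;
    }

    function refund() external {
        uint256 amount = deposits[msg.sender];
        require(amount > 0, "nothing to refund");

        // Zero the balance before the external call (checks-effects-
        // interactions) so a re-entrant call cannot withdraw twice.
        deposits[msg.sender] = 0;

        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```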
But of course they can - if they are the right persons, that is. (See DAO hack. Of course, that did defeat the whole purpose of smart contracts but nobody was willing to notice.)
> See DAO hack. Of course, that did defeat the whole purpose of smart contracts but nobody was willing to notice
Of course a lot of people noticed. The problem is that cryptocurrencies are currently primarily functioning as an investment object rather than an actual secure financial ledger, which is why the interest of investors will trump purity.