[boatsie]

This is what is so frustrating about companies harming many people by small amounts. There is no actual recourse for the individuals. If an individual missed a credit card payment by mistake, the bank would assuredly charge them a late fee, report the payment to the credit agencies, etc. But when the company makes a mistake like this, no penalty, no consequences. It really should be the other way around—we should extend grace to the person rather than the company, yet the company basically has more “rights” in a way than the person.

[WaxProlix]

Gah, it's an asymmetric war. I feel like, as programmers, we should be able to leverage automation for individuals to fight back smarter where corpos fight harder.

Might be hard to do without incurring the ire of the state, whose allegiances will probably not lie with the bearded fat man spamming Visa's webforms with the contents of their own emails or whatever.

[NaturalPhallacy]

The computer fraud and abuse act was quickly installed to prevent exactly this kind of levelling of the playing field in America.

Bank of America's website would let you change account numbers in the URL bar after logging in and see someone else's account. The CFAA was on their side.