|
|
|
|
|
|
by aborsy
1217 days ago
|
|
|
Just send from an email not under your real name. Further, I am not sure the company can prove this is unauthorized access when they provide the data without requiring authentication (through negligence). They could claim, we made it open to public but the public is not supposed to download it, but this is a difficult claim, eg, it should have been clearly stated in their website at minimum. It’s a bit like public photography. |
|
|
On the other topic: it definetly isn't anything like public photography you mentioned, at least not in my jurisdiction. Here it is enough that the company says "you were not supposed to see that data" and that is enough to claim unauthorized access. It is then up to the court to prove that they had adequate protections etc.
The OP says they are based in Canada. It definetly warrants hiring a lawyer to get advice on this matter, but IMO it is not worth it at all. The best possible outcome is getting a tap on the back and a thanks from the company, the worst possible outcome is legal proceedings. Expected net gain is negative.