In that case the keys he has were definitely not his to use. Here we're looking at someone handed an API key by a company and then using it to access the API.
A lot of this depends on whether you view a phone as a device running third party' programs on behalf of the user, or a device that third parties allow users to run software on on behalf of the third party.
A lot of society is moving towards the later view, which is of course fundamentally wrong.
Right, the guy who's job is receiving hacked databases of user credentials from cybercriminals argues actually using said credentials would be going too far.
A lot of this depends on whether you view a phone as a device running third party' programs on behalf of the user, or a device that third parties allow users to run software on on behalf of the third party.
A lot of society is moving towards the later view, which is of course fundamentally wrong.