Comment by donmcronald
19 hours ago
> But my point is that any knock on effects like domain suspension, email deliver-ability, etc. stem from 3rd parties misusing the safe browsing list outside the scope of safe browsing.
That's fair and I agree. My opinion is that both should be liable in a case like this. If I had to attribute it, my starting point would be that Google is liable for the loss of website traffic and the registry is liable for the loss of email and all other lost services due to the domain suspension.
It spirals though because, like you pointed out, no one forced (ex:) Mozilla or Apple to adopt the blacklist. They did that voluntarily, so they should be responsible for their share. That's why nothing ever gets fixed. It's broken, but there's so much potential for finger pointing that no one gets pinned down and held responsible.
The answer is always the same IMO. Break up big tech companies into a million little pieces.
> My opinion is that both should be liable in a case like this.
I totally agree, but if I went after every company I felt to be incompetent to the point of criminal negligence I'd be up to my eyeballs in lawsuits just over password requirements.
> The answer is always the same IMO. Break up big tech companies into a million little pieces.
Generally I agree, but in this case I think there's an even simpler solution: 1) hold Google accountable for entries in their safe browsing lists (as an adjacent poster pointed out, the legal precedent may be there) and 2) make companies legally liable for misusing 3rd party data.
Really just the second part would suffice, and frankly it's purely good for society. The inevitable outcome is that no one exposes data they can't guarantee, and maliciously consuming 3p data would nearly disappear