Comment by flaminHotSpeedo

> My opinion is that both should be liable in a case like this.

I totally agree, but if I went after every company I felt to be incompetent to the point of criminal negligence I'd be up to my eyeballs in lawsuits just over password requirements.

> The answer is always the same IMO. Break up big tech companies into a million little pieces.

Generally I agree, but in this case I think there's an even simpler solution: 1) hold Google accountable for entries in their safe browsing lists (as an adjacent poster pointed out, the legal precedent may be there) and 2) make companies legally liable for misusing 3rd party data.

Really just the second part would suffice, and frankly it's purely good for society. The inevitable outcome is that no one exposes data they can't guarantee, and maliciously consuming 3p data would nearly disappear