> We will never sell data. That just isn't the business we want to build
These are just words from strangers on the internet. You're offering a free and auto-updating app. You don't give me a contract guaranteeing anything. Most terms of use/privacy policies have a clause stating it can be updated without notice and when you do have actual policies on your site I'm sure they will be similar.
At any point you can decide that actually, you do want to share my data, or share access to it through one of your products. Maybe you won't call it "selling" (the same way Zuckerberg can tell Congress that Facebook doesn't sell anyone's data).
Maybe you don't decide to share my data, but Fig gets acquired and the new management decides to. Maybe an attacker gains access to the data and shares it. Maybe an attacker compromises an update, turning all Fig instances into keyloggers, and paired with the required email addresses uses it to compromise other data.
These are just words from strangers on the internet. You're offering a free and auto-updating app. You don't give me a contract guaranteeing anything. Most terms of use/privacy policies have a clause stating it can be updated without notice and when you do have actual policies on your site I'm sure they will be similar.
At any point you can decide that actually, you do want to share my data, or share access to it through one of your products. Maybe you won't call it "selling" (the same way Zuckerberg can tell Congress that Facebook doesn't sell anyone's data).
Maybe you don't decide to share my data, but Fig gets acquired and the new management decides to. Maybe an attacker gains access to the data and shares it. Maybe an attacker compromises an update, turning all Fig instances into keyloggers, and paired with the required email addresses uses it to compromise other data.