I actually do agree - but two wrongs don't make a right here. Taking raw credentials from users without them knowing is completely messed up and a massive danger to the end-user. It's not justifiable in those terms.

Yes I agree it can be scary, but it seems like this is the way a lot of companies have to do things if they want regulation to change at any reasonable pace.

Just look at Uber and AirBnB as examples. Most cities they started in they were operating in kinda grey areas or even breaking laws. But they could afford to eat any fines and continue on anyway. It forced governments to put regulations in place to support these systems.

Especially when it comes to banking, it moves at such a snails pace for anything to ever evolve. The two banks I am with in Canada only just recently finally added support for 2FA. But it's not even the type where you can use your own authenticator app. You have to use SMS, Phone Call, or their app. My one bank has my "password" being restricted to 6 characters. It's basically got to be a 6 digit pin. It's incredibly insecure already, Plaid doesn't make it much worse.

Now with 2FA finally there I feel a lot more secure using Plaid. Because now everytime I want to import my transactions in YNAB I have to enter my 2FA code before it can pull things.

But is it a good thing for companies that are rich enough to be able to force changes in regulations by overwhelming the government's ability to punish them?

No, it definitely is not. Governments notoriously move slow and they do not often keep up with the fast moving pace of technology.

Governments for the most part worldwide have still done barely anything to address things like "loot boxes" in gaming despite them being almost identical to gambling. They aren't even getting fined or anything for this and are raking in billions of dollars. So whether or not big companies are doing things to break regulations they can still be doing things that should be regulated or are not ethical anyway.

The taxi industry was pretty bad and often filled with scams and corruption. One of the cities I live near only allowed one cab company to be licensed in the city and they sucked especially when people needed rides home at night. So when Uber came in people loved it because they could finally get home safety after a night of drinking and it discouraged people from having to try and drive home drunk. For whatever reason the city always only allowed this one cab company. It would be reasonable to think a city official had some affiliation with that company to not allow other cab companies to come in.

Uber forced that to happen and it forced them to make regulation for it. There seemed to be no progress in that happening before Uber came to town.

So while Uber has some pretty shitty practices and I wouldn't consider it a good company, it is definitely a good example of what often needs to be done to force regulation.

And I mean a city always had the option to increase their fines to something massive and hit Uber hard, but instead they realized that their population wanted that and they would likely lose a lot of votes if they did something against the people like that.