It is.
The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have “no reasonable expectation of privacy” in that information.
Source
“it’s not known whether the leak came from within the company or one of its vendors.”
Isn’t it time that big tech companies and their sale of private data get regulated? I see a giant class-action lawsuit in the making here.
It is. The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have “no reasonable expectation of privacy” in that information. Source