The threshold should be “am I confident the user I’m giving access to actually owns the accounts.”
I don’t see an issue in allowing a terrible regime the ability to more efficiently see if it’s own accounts have appeared in leaked databases.
Maybe, maybe, maybe if there is concern the government will persecute the hackers in a way that violates human rights. Maybe.
At the same time “it doesn’t feel right” matters. If your moral compass tells you something is off, listen to it.
The threshold should be “am I confident the user I’m giving access to actually owns the accounts.”
I don’t see an issue in allowing a terrible regime the ability to more efficiently see if it’s own accounts have appeared in leaked databases.
Maybe, maybe, maybe if there is concern the government will persecute the hackers in a way that violates human rights. Maybe.
At the same time “it doesn’t feel right” matters. If your moral compass tells you something is off, listen to it.