OK, don't get your political knickers in a twist. I'm not going to talk about Parler's politics. Just their coding.
The reason that people were able to obtain so much data (*SO* much data) from Parler was that their security was terrible. As in, non-existent. No authentication. Deleted content wasn't actually deleted, just marked deleted. Post were identified by successively incremented numbers. Wanna scrape Parler? Easy-peasy.
Uploaded content was not modified. In any way. That means that metadata and location data in pictures and videos was still available.
They also gave Users the option of getting a 'Verified Account' badge by taking a picture of their drivers license for verification. Not sure what could go wrong there...
If there are any Europeans subscribed to it - they could be done for GDPR violations.
Marriot was fined 150 million for unencrypted scans of passports.
As a reminder, keep all discussions on this community on the topic of related cybersecurity, threats, technology, etc. Any off-topic and/or political posts will be removed and subject to enforcement of usage guidelines up to and including banned Community usage.
For reference, the Community's usage policy can be found here: https://community.isc2.org/t5/Welcome/ISC-Community-Usage-Policy-Guidelines-Updated-October-2020/m-p...
Any questions regarding appropriateness of topics, feel free to email the administrator at email@example.com.
As a community we should strive to help guide the discourse toward better security regardless of thoughts on the subject or material at hand. I get enough political nothingness through LinkedIn as it is. Let's draw the line somewhere.
Pointing out some bad practices is no cause for immediate alarm but not relying that information to the Paler administration is.