> it should be addressed, but it's not bad faith

I think this is the part that annoys me about the privacy community. There's nicer ways to deal with these issues and get them resolved rather than just leaping to the pitchforks. Raise the concern and observe the response. That is far more informative of how much one should trust. Because let's be honest, at the end of the day there is still trust. You have to trust that they have no logs. You have to trust any third party auditor. Trustless is a difficult paradigm to build, so what's critical is the little things.

But jumping to pitchforks just teaches companies to ignore the privacy crowd. Why cater to them when every action is interpreted as malicious? If you can do no right then realistically you can do no wrong either. If every action is "wrong" then none are. In this way I think the privacy community just shoots themselves in the foot, impeding us from getting what we want.