My hunch is these things are more boneheaded than nefarious. Probably looking for URLs to share or something silly like that and just implemented poorly. Obviously not good for the PR, but say sorry and fix the bug. Luckily this shouldn't happen much longer once iOS 14 is properly released.
A few years ago, linkedin purposefully changed their notification emails to have less information so you're forced to log in and read the notification on their platform. Linkedin is also widely known for when they scraped users contacts and then spammed them.
Call it incompetence if you want, but there's a certain flavor of evil incompetence here.
I have no dog in this fight, but I was at LinkedIn at the time, on teams that worked closely to this. I can assure you that these changes were not made to force log in. It was a recommendation from the security team.
I know it's Hacker News and it's easy to criticize LinkedIn for shady growth practices and get praise for it. They often deserve it, but assigning malicious/growth intent for every change they make is misguided.
I'm not an expert, but i understand that redirecting to the app store is an explicit decision on part of the developer (and in Fact it only happens randomly), and a very anti-user one.
The security excuse is used as a way to increase conversion.
There might be a thin guise of "security" (i.e. email isn't a secure place to send your top-secret inbound message) but I'm inclined to suspect the main motivation is to drive people back to the platform and drive up their stickiness metrics.
For Facebook, the worst part is that it shows more in the gmail message preview than it shows when you click through to the message. There is no security explanation for that; it's clearly deliberate manipulation.
It is not just Facebook and LinkedIn. I've seen this from random small sites.
Some other silly shit that come to mind - having the unsubscribe link after half/full page of white space, once you click on unsubscribe "give us 24 to 48 hours to remove your email" etc. Really? they need 24 hours to delete (or change a flag) in the database?
Sometimes it’s some freaky ETL script that runs daily to put your address in a marketing message integration system. Not that it’s a great excuse, just usually more than a single flag update.
What I love is Reid Hoffman then going on about that move like he invented the fucking wheel. Like congrats, you stole some e-mail addresses and spammed them...you are now a genius growth expert? Joker.
His book is also staggering insight into how little ability he has an executive and investor (some of the stuff is intern-level mistakes, like maybe juniors who are in their first week and got the job because of daddy...but even then...rare).
Though some apps I trust more with how they use the clipboard data or only restrict it to certain types, eg: image data for a photo viewer, urls for a browser, tracking code for a delivery app
