Sure. The most relevant section would be the "Error Resolution: Unauthorized EFTs" FAQ section in the link in my previous post, especially FAQs 4-8.
(Also, just to clarify how Plaid works, Plaid does not share account credentials with Plaid's customers, so you wouldn't be sharing your password with Mint via Plaid. Instead, Plaid provides token-based access to data via an API.)
After looking at those answers and reviewing the relevant parts of Regulation E that it cites, I do feel like the regulation pretty-comprehensively disallows banks to impose liability on the consumer for sharing their password. Answer 8 especially that notes that no waiver of Regulation E is allowed makes me feel more comfortable.
I'd still support an open-banking API law, but your citations here have really turned down the urgency for me on that issue.
(And, yep I'm familiar that Plaid does not share the password beyond itself and the relevant bank it's authenticating with)
(Also, just to clarify how Plaid works, Plaid does not share account credentials with Plaid's customers, so you wouldn't be sharing your password with Mint via Plaid. Instead, Plaid provides token-based access to data via an API.)