I don't see how the former has anything to do with the latter.
You don't see how it doesn't make sense for Graphene to reject a company because it doesn't handle security according to their standards, but be OK with a company that is actively malicious?
alt Hacker News
You don't see how it doesn't make sense for Graphene to reject a company because it doesn't handle security according to their standards, but be OK with a company that is actively malicious?