You misunderstand. Not the thief's liability, Linodes. If someone, say, engages in insider trading because of something they saw in Linode's own analysis system, Linode can be sued for failing to protect that information. If they have a policy of never reading customer data (and can prove it) that becomes much harder. The posited "anti virus checker" would throw that promise out the window.

How so? Google credibly claims (somehow) that they don't "read" customer email, even though they run the largest-scale automated email reading system on the planet.