
(a) what if a company hires an external red team to hack their shit, would that not be 'ethical hacking'?


No, because there's no such thing as "ethical hacking"; that's a marketing term invented by vendors to constrain researchers. You'd call what you're talking about "pentesting" or "red teaming". How you'd know you had a clownish pentest vendor would be if they themselves called it "ethical hacking".


There is no precedent for consequence-free probing of others' defenses. Unauthorized "testing conducted in ways unfavorable to vendors" is generally considered a crime of trespass, because everybody has the right to exist unmolested. Whether or not they have their shit together, you aren't authorized to test your kids' school's evacuation procedure by randomly showing up with a toy gun and a vest rigged with hotdogs and wires.

The way this goes in the digital space, people expect to break into my "house," see if they can get into my safe, snoop around in my wife's/daughter's nightstands, steal some of their underwear as a CTF exercise, help themselves to my liquor on the way out, then send me an invoice for their time while also demanding the right (or threatening) to publish everything they found on their blog. Unsolicited "security research" is a shakedown desperate to legitimize itself. Unlawful search/"fruit of the poisoned tree" exists to keep the cops from doing this to you, but it's totally acceptable for self-appointed "researchers" to do to anybody else I guess.

"Ethical hacking" is notifying the owner/authorities there's a potential problem at an address, seeing if they want your help in investigating, and working with them in that capacity-- proceeding to investigate only with explicit direction. Even if their incompetence or negligence in response affects you personally, that's not a cue to break a window and run your own investigation while collecting leverage you can use to shame them into compliance. That shit is just espionage masquerading as concern trolling.


You're doing the same thing the other commenters are: you're trying to derive from first principles what "ethical hacking" means. That's why this marketing trick is so insidious: everybody does that, and attributes to the term whatever they think the right things are. But the term doesn't mean those right things: it means what the vendors meant, which is: co-opted researchers working in collusion with vendors to give dev teams the maximum conceivable amount of time to apply fixes (years, often) and never revealing the details of any flaws (also: that any security researcher that doesn't put the word "ethical" in their title is endorsing criminal hacking; also: that you should buy all your security services from I.B.M.).

You can say "that's not what I mean by ethical hacking", but that doesn't matter, because that's what the term of art itself does mean.

If you want to live in a little rhetorical bubble where terms of art mean what you think they should mean, that's fine. I think it's worth being aware that, to practitioners, that's not what the terms mean, and that people familiar with the field generally won't care about your idiosyncratic definitions.


As a point of comparison, we don't talk about "ethical plumbing" as a term. If a company hires a plumber to fix their bathroom, they're just a plumber. If somebody breaks the law to enter a place and mess with the pipes, they're just a trespasser.

But the companies that brand themselves as selling "ethical" penetration testing, and sell certifications for "ethical hacking", would very much like you to lump other companies and other security researchers who operate legally into the same mental bucket as criminals by implicitly painting them as "unethical".
