The Diebold Hack Test Mystery
Power Grid Hacker Gets More Jailtime

Using BugMeNot Probably Not A DMCA Violation

Legal Issues

from the in-case-you-were-wondering dept

Thu, Dec 1st 2005 2:24amMike Masnick
While there haven't been any lawsuits brought against anyone for using BugMeNot to use someone else's username and password, TechLawAdvisor is pointing out that a recent decision seems to make it clear that using someone else's username and password does not violate anti-circumvention provisions of the DMCA -- mainly because there's no circumvention. Of course, the details from where Kevin got this story are behind a (you guessed it) password protected website -- which doesn't appear to have a BugMeNot workaround. Google, however, turns up the decision he appears to be talking about. It's an interesting case with a few different legal issues. In a different lawsuit where participants were told not to write about the case online, an expert witness did discuss the case -- but in a password-protected section of his own website. The lawyers for the other side got a working username and password and found the quotes, eventually getting the expert witness into some trouble. He sued using a few different laws, but the DMCA claim is probably the most interesting. Of course, it could be that there are other laws you're violating in taking someone else's username and password -- but it's apparently not a DMCA issue.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

21 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 1 Dec 2005 @ 5:36am

    No Subject Given

    You know what else isn't a DMCA violation? Walking peacefully down the street. I don't know if this kind of article is encouraging or discouraging. We shouldn't have to point out what obviously isn't illegal.

    link to this | view in chronology ]

    • identicon
      Jesse, 1 Dec 2005 @ 5:39am

      Re: No Subject Given

      I thought it was interesting... Have you used BugMeNot before? Have you ever wondered, whilst entering someone else's password, what kind of risk you could be taking accessing information you didn't sign up to be allowed to access?

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 1 Dec 2005 @ 5:59am

        Re: No Subject Given

        I use BugMeNot every day; I even have the great Firefox extension. It never even occurred to me to worry about it being illegal... the passwords and user names are freely given and shared. It's not illegal to do anything remotely similar in the "offline" world ... something about the Internet scares people and lawmakers into thinking you give up your basic civil liberties by going online.

        link to this | view in chronology ]

        • identicon
          Scott, 1 Dec 2005 @ 9:13am

          Re: No Subject Given

          No offline equivalent? The username and password are equivalent to a key, therefore if I give you the key to my workplace(secure datacenter), there is nothing illegal happening? I am under contract to secure my key and you are not authorized to be in my building(most agreements with online sites have you agree this is for your and only your use.) While I agree bugmenot is a great tool, it can be abused, and abused in a manner that is illegal.
          This is not the fault of bugmenot however, it is the user who should not have put that info into it.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 1 Dec 2005 @ 9:34am

            Re: No Subject Given

            A locked door is very different from a Web site open to the public. Your analogy is extremely weak.

            link to this | view in chronology ]

            • identicon
              Scott, 1 Dec 2005 @ 1:29pm

              Re: No Subject Given

              Obviously it isn't open to the public or you would not need a username or password would you? Open means I don't have to do anything to get it doesn't it?

              link to this | view in chronology ]

    • identicon
      Dam, 1 Dec 2005 @ 6:15am

      Re: No Subject Given

      You know what else isn't a DMCA violation? Walking peacefully down the street.

      Are you sure? Two feet - one off the ground, one on, could be intrepreted as digital motion and you don't own the rights to it!

      link to this | view in chronology ]

  • identicon
    Anon, 1 Dec 2005 @ 6:19am

    BugMeNot can withstand any litigation

    In any lawsuit, BugMeNot will clearly prevail. This is simply because of two key principles. First, all information is given, not hacked. So, there is noone who is having their actual information stolen by submitting a login. Second, sites are given the option to inform BugMeNot that they are a pay-per-view site, and be delisted. This means that all other sign ups on BugMeNot are for sites that are open to the public.

    So, there is simply no plaintiff that can raise suit. No information on either side is priviledged. The New York Times, for instance, can never claim that a public sign up account being used by others is stealing some type of non-public, private data.

    That, and they do not want to stir up a story in the news and calls for stricter regulation of what type of information can be required of online users. It's bad PR to come out and say you have the legal right to collect millions of people's personal data for absolutely no good reason.

    Newspapers have long talked on other sites about the possibility of suing BugMeNot. Do you know why none have? They all realise the exact same things. First, that if a site has a lot of visitors using BugMeNot, then they are obviously asking too much of their visitors. And second, that if they try to force BugMeNot to not list on their site, then their user databases will simply fill up with the same people inputting fraudulant data because they will still refuse to give out their personal information.

    And so, BugMeNot is actually a service for these sites. With it there, they can point to why private data collection online doesn't need extra regulation, and they keep out excessive bogus account signups.

    link to this | view in chronology ]

    • identicon
      Rikko, 1 Dec 2005 @ 9:06am

      Re: BugMeNot can withstand any litigation

      Isn't that basically the same arguments people had for Napster being immortal?

      link to this | view in chronology ]

    • identicon
      FireMonkey, 1 Dec 2005 @ 9:36am

      Re: BugMeNot can withstand any litigation

      "Second, sites are given the option to inform BugMeNot that they are a pay-per-view site, and be delisted" I agree that BugMeNot is safe from prosecution, but the above logic is utter crap. That reminds me of how Google gave publishers a way to opt-out of having their works scanned, rather than allowing them to opt-in for inclusion in the index. They were still copying copyrighted works. Let's have an extreme example: I collect and publicly display ill-gotten garden gnomes. Last week, I posted on my website that anyone who does not want their gnomes added to my exhibition should contact me and have their gnomes removed from my list of "candidates". I also state that by NOT informing me of your anti-display desires, you give me permission to take and display your gnome. Can I be prosecuted for taking your gnome? According to your logic, no. You passively gave me permission by not opting out. In the real world? I'd be wearing some very tiny gnome-sized handcuffs.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 1 Dec 2005 @ 12:24pm

        Re: BugMeNot can withstand any litigation

        You're comparing stealing physical property to... sharing free, knowingly-given logins to public web sites? Bugmenot is more akin to having a network of friends to tell you the shortcuts in your drive around town than to stealing garden gnomes.

        link to this | view in chronology ]

  • identicon
    haggie, 1 Dec 2005 @ 3:59pm

    No Subject Given

    If a website can successfully sue BugMeNot, wouldn't it also imply that an individual could be sued for doing the same thing? If I register at a registration required website and then give my user name and password to my girlfriend, can I be sued by the website?

    Anyone want to bet that anti-BugMeNot language starts showing up in website registration EULAs in the very near future?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 1 Dec 2005 @ 6:01pm

      Re: No Subject Given

      EULAs mean nothing and are utterly unenforceable.

      link to this | view in chronology ]

  • identicon
    Greg, 2 Dec 2005 @ 9:28am

    why?

    I still fail to see how BugMeNot can come under any fire from any websites unless they are pay websites (which could easily block off visitors being refered to the site from bugmenot with a quick edit of their .htaccess file). Basically the people with user names and passwords to these sites are the same people that are putting them on BugMeNot.com for everyone else to use. It's not like BugMeNot is doing anything malicious to gain access to these password protected websites. It's basically just a middleman to gain access to these sites, pretty much just like word of mouth (people telling other people their username and password to access the site), but just on a bigger playing field.

    link to this | view in chronology ]

  • identicon
    andrew throne, 9 Apr 2007 @ 7:59pm

    help

    i think bugmenot is not a strong website becos i fine it very defficute to bug into website,so if u any boby know about any strong site i can u to bug webmail and other boxs do mail me or drop a note.

    link to this | view in chronology ]

  • identicon
    Stephen, 23 Jul 2007 @ 3:39am

    opt out vs opt in

    I think what FireMonkey said was true. The presumption should be that all websites are not involved and if a site wants to become involved, bugmenot should be the one who's responsibility it is to seek permission.

    link to this | view in chronology ]

  • identicon
    Bernard, 30 Dec 2007 @ 7:10pm

    BugMeNot is a PROBLEM !!!

    It seems like many people consider BugMeNot not to be a problem.

    Well, that's a problem for me. I'm managing and moderating an important online community where the members can interact with each other. And some people sharing these accounts and using these shared accounts from BugMeNot have very bad intentions and are disrupting the activities of the community and bothering the members.

    Moreover, BugMeNot terms of use are making it illegal for me to use their service.

    I just can't let this happen...

    link to this | view in chronology ]

  • identicon
    lol, 3 Apr 2008 @ 6:39pm

    dont ban this site,
    bcuz i need 4 pr0n

    link to this | view in chronology ]

  • identicon
    Diana, 11 Aug 2008 @ 11:52pm

    FUCKYA

    we VOLUNTARILY gave away passwords, you fucking authorities!

    link to this | view in chronology ]

  • identicon
    George, 10 Feb 2009 @ 8:28am

    Sensitive data

    I know this is a bit of stretch, but consider:
    What about an intern or a fulltime employee that works at a research center where they research diseases. There would be information on the internal site of such a corporation, that could be used to create biological weapons. Now that information is classified and 'for your eyes only'. Is a free pass to such information not a danger to the society and illegal?

    link to this | view in chronology ]

  • identicon
    Benson Josh, 7 Jul 2011 @ 8:21am

    LOAN OFFER (APPLY NOW)

    Do you need a loan? for information contact us at benson.josh@aol.com

    link to this | view in chronology ]


The Diebold Hack Test Mystery
Power Grid Hacker Gets More Jailtime
Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

Friday

19:39 Important Announcement: Techdirt Is Migrating To A New Platform (0)
More arrow

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.