Facebook Abusing Computer Crime Law To Block Useful Service
from the it's-not-hacking dept
We noted recently that the courts (and plaintiffs in lawsuits) have been stretching computer hacking laws in dangerous ways. The laws that were clearly intended to cover situations of malicious hackers breaking into a computer system they have no right to be in are being twisted around, such that contractual language is being used to make all sorts of access "unauthorized" under the terms of the law. For example, we noted a case where using an employer's computer to access information for personal use... could be seen as "unauthorized access" and, thus, criminal computer hacking.Last year, we wrote about a bizarre lawsuit where Facebook sued Power.com, a website that tried to aggregate various social networks into a single interface. That could be pretty useful. Facebook didn't like it and sued. But just because Facebook doesn't like something, it doesn't make it illegal. What if users want to access Facebook that way? Facebook tossed out a variety of legal theories, including the idea that this was criminal hacking, because it was unauthorized access. How is it unauthorized? Well, here Facebook got creative. It has, hidden within its terms of service the note that accessing Facebook through "automatic means" is forbidden. Facebook says that Power.com's aggregator is "automatic means" (which seems questionable), and thus accessing Facebook via Power.com is no longer authorized. Since the access is not authorized, then it's... unauthorized access, aka hacking, and a crime under California's computer crime statute.
The EFF has now filed an amicus brief in the case, pointing out that this would be a ridiculous stretch of California's computer crime law:
"California's computer crime law is aimed at penalizing computer trespassers," said EFF Civil Liberties Director Jennifer Granick. "Users who choose to give their usernames and passwords to aggregators like Power Ventures are not trespassing. Under Facebook's theory, millions of Californians who disregard or don't read terms of service on the websites they visit could face criminal liability. Also, any Internet company could use this argument as a hammer to prevent its users from easily leaving the service as well as to shut down innovators and competitors."Hopefully, the court agrees...
Even the simple use of the automatic login feature of most browsers would constitute a violation under Facebook's theory, since those services are "automatic means" for logging in. But the risk for users is even broader. If any violation of terms of use is criminal, users who shave a few years off their age in their profile, claim to be single when they are married, or change jobs or addresses without updating Facebook right away would also have violated the criminal law.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: computer crime, hacking, unauthorized access
Companies: facebook, power.com
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Ummmm
If this is the case, then wouldn't the facebook/power.com customer be guilty of hacking?
[ link to this | view in chronology ]
Re: Ummmm
[ link to this | view in chronology ]
Re: Re: Ummmm
[ link to this | view in chronology ]
Re: Re: Re: Ummmm
[ link to this | view in chronology ]
Re: Re: Re: Re: Ummmm
[ link to this | view in chronology ]
[ link to this | view in chronology ]
They done this with a bunch of really useful services.
[ link to this | view in chronology ]
Connect?
[ link to this | view in chronology ]
Put in frame?
I want to see friend status updates, period. There is no way to make it default view. they want to have you go to your selected "news feed" crap.
I tried with frames. Facebook direct to status updates, Google reader in another. Facebook at least renders but had a dark image over it. Google reader you have to scrape and strip some crap out, as it won't render in a frame at all.
Why is this so hard?
PS, if anyone knows how to get rid of that darkness when facebook is in a frame, let me know.
[ link to this | view in chronology ]
Continuing allowance of breaches of privacy
up pops this maessage about
"Allow extended permissions and earn (5) honor points!"
no explanation, no idea why it requires or wishes it. THIS is the kind a thing some kid ( who may not own his box thus the parent didn't have a choice ) would do and hten you might have data YOU dont even know what being slugged around. JUST put links to why and what that does and ok or not.
they need to real in these app makers and say HEY we know your wanting to get wealthy but um er law and privacy need some say
its not like were conservatives telling women to fuck off or anything after all.
once i get my webserver functioning im going to create a my own private thing with all the rule of law and strict arse privacy a user could wish for. BUT ITS only for my members the real ones not some people dropping into a open group on facebook haha...ya right.
-----------------------
explain the darkness you mean....
--------------------------
@2 it depends btw what the sites terms a service say BUT heres a way Canada deals with ti and why there is still a big stink about it and some remedies to think of
First I am not a lawyer more of a study of certain areas of law pertaining to internet.
Privacy law in Canada requires that any use of a persons data must have written permission EACH TIME it is used. a terms of service cannot legally say any time i want i can come get your data. THATS ILLEGAL. EACH time it requires a written authorization or its a FINE, a big one 50000 per instance.
THE solution here would be each time someone access your data or wishes too you are given a popup request ...YES or NO and who and for what the data is required for.
THATS THE LAW and the neat thing is what a Canadian does anywhere on the net our law has us subject to OUR LAWS NOT YOURS. NICE isn't it.
[ link to this | view in chronology ]
p.s. if you have ideas shoot them too me
:)
[ link to this | view in chronology ]
I'm leaving facebook if this continues
http://www.facebook.com/group.php?gid=123205857691804
[ link to this | view in chronology ]
have fun!
http://english.spost.it
[ link to this | view in chronology ]