Good News: Violating Terms Of Service Is Not Hacking; Bad News: Circumventing Weak Tech Blocks Might Be

from the some-good,-some-bad dept

Fri, Jul 23rd 2010 11:21am — Mike Masnick

We've been covering the ridiculous lawsuit that Facebook has been pursuing against Power.com for a while now, specifically worrying about how, if Facebook prevailed, it could mean that violating an online terms of service in accessing your own data, could make you a criminal. That outcome seemed ridiculous, but the way Facebook read federal computer fraud statutes, it was possible. Thankfully, the court has shot down that argument.

But it's not all good news. In the same ruling, the court did say that Power.com (an aggregator of data from various social networks) still may have violated computer hacking laws by changing its IP address. That's because Facebook had blocked Power.com's old IP address to try to block the site from accessing user account data. As the EFF explains:

In other words, it may be a crime to circumvent technological barriers imposed by a website, even if those measures are taken only to enforce the terms of service through code. There's nothing inherently wrong or unlawful about avoiding IP address blocking, and there are valid reasons why someone might choose to do so, including to sidestep anticompetitive behavior by other Internet services. As long as an end user is authorized to access a computer and the way she chooses doesn't cause harm, she should be able to access the computer any way she likes without committing a crime.

Of course, given the way the DMCA handles circumvention for copyright (it's not legal even if for legal uses), perhaps there's some precedent for this kind of ridiculous, totally counter-intuitive outcome.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: circumvention, fraud, hacking, terms of service
Companies: facebook, power.com

17 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

crade (profile), 23 Jul 2010 @ 11:51am

At least circumvention of digital locks is closer to being related to hacking than it is to copyright infringment.
[ link to this | view in chronology ]
- :Lobo Santo (profile), 23 Jul 2010 @ 12:18pm
  
  Re: Circum my vent!
  How is it circumvention when the digital "locks" are about as effective at actually locking something as the "Do not remove this tag" mattress tag?
  [ link to this | view in chronology ]
  - crade (profile), 23 Jul 2010 @ 12:20pm
    
    Re: Re: Circum my vent!
    How is it not?
    [ link to this | view in chronology ]
    - :Lobo Santo (profile), 23 Jul 2010 @ 1:00pm
      
      Re: Re: Re: Circum my vent!
      It's about as secure as a sticker with 'lock' printed on it.
      
      One could peel off the sticker with no effort (in order to show it to somebody and say "what's this supposed to be?") and they've magically broken the law with no effort on their part.
      
      There's a word for that, it's called "entrapment" if you're a law-dog, or a "shake down" if you're a mafioso. Both are, allegedly, illegal.
      
      Therefore, logically, slapping an entirely ineffective lock on something is "entrapment" and bitching to your congress-lapdog about how it's not working deserves a bitch-slap and a "buy a real fucking lock" NOT new laws to make circumventing your pathetic excuse for "security" even more illegal.
      [ link to this | view in chronology ]
      - crade (profile), 23 Jul 2010 @ 2:03pm
        
        Re: Re: Re: Re: Circum my vent!
        They might deserve a bitch-slap, but they got new laws. The fault lies with the legislation, not with the fact that some circumvention is dead easy.
        [ link to this | view in chronology ]
    - Anonymous Coward, 23 Jul 2010 @ 1:12pm
      
      Re: Re: Re: Circum my vent!
      How is it not?
      
      Likewise, I challenge anyone to prove that the tooth fairy *doesn't* exist.
      [ link to this | view in chronology ]
      - crade (profile), 23 Jul 2010 @ 2:57pm
        
        Re: Re: Re: Re: Circum my vent!
        I challenge anyone to prove that if something was done easily, that means it was never done at all.
        [ link to this | view in chronology ]
        
        Anonymous Coward, 23 Jul 2010 @ 3:51pm
        
        Re: Re: Re: Re: Re: Circum my vent!
        If you want to assert something, whether it's a claim that changing IP addresses is "hacking" or that tooth fairies exist or whatever, people may you to provide some kind of evidence beyond "prove that it isn't".
        [ link to this | view in chronology ]
        
        crade (profile), 23 Jul 2010 @ 11:15pm
        
        Re: Re: Re: Re: Re: Re: Circum my vent!
        I didn't ask for proof that it isn't, I asked for any possible theory as to how it might now be, since I couldn't think of one.
        [ link to this | view in chronology ]
        
        crade (profile), 23 Jul 2010 @ 11:43pm
        
        Re: Re: Re: Re: Re: Re: Re: Circum my vent!
        (with original the "how is it not" statement)
        with the (intended sarcastically) "I challenge" statement, the evidence is included. It is a simple contradiction. We are not talking bout hacking, but about circumventing protection methods. The original argument was that it isn't circumvention because of the ease in which protection method was circumvented. A contradiction.
        [ link to this | view in chronology ]
Anonymous Coward, 23 Jul 2010 @ 12:21pm

Hmmm...people with buggy software on pacemakers are forbidden from circumventing the DMCA?

Can people look at the software used in medical equipment to make sure it is safe? would that be a crime?
[ link to this | view in chronology ]
Andrew (profile), 23 Jul 2010 @ 1:29pm

So if I prohibit people from saving the photos on my site locally with my TOS and then 'enforce' this by disabling the right click menu with JavaScript, does this mean anyone running a browser without JavaScript enabled, or who has chosen to stop the right click menu being disabled through JavaScript (an option in Firefox and probably other browsers too), is potentially breaking the law? Yikes.

Good news on the other part of the ruling though.
[ link to this | view in chronology ]
- Anonymous Coward, 23 Jul 2010 @ 4:16pm
  
  Re:
  So if I prohibit people from saving the photos on my site locally with my TOS and then 'enforce' this by disabling the right click menu with JavaScript, does this mean anyone running a browser without JavaScript enabled, or who has chosen to stop the right click menu being disabled through JavaScript (an option in Firefox and probably other browsers too), is potentially breaking the law?
  
  You don't even have to go that far to implement a technical restriction. The mere omission of a "download" button does it. Obviously, if a web page wanted to allow downloads it would have one. Using a software circumvention tool, whether it's DECSS or the "save" feature of Firefox is then clearly a DMCA violation. There has even been discussion in some circles of prohibiting the distribution of browsers in the US with "save" features on the grounds that they are circumvention devices. Future browser versions for distribution in the US would then come without a "save" capability.
  [ link to this | view in chronology ]
  - Anonymous Coward, 23 Jul 2010 @ 7:31pm
    
    Source citation please!
    I'm not doubting you here but, if you can, please provide citations for the comment about "prohibiting the distribution of browsers in the US with "save" features".
    
    I find this level of idiocy very interesting....
    [ link to this | view in chronology ]
Dementia (profile), 23 Jul 2010 @ 2:07pm

So where does that leave people who don't have a static IP account through their ISP? If they blocked me and the power goes out, when my modem reboots, it gets a new IP address. Have I now circumvented their technological block?
[ link to this | view in chronology ]
- Anonymous Coward, 23 Jul 2010 @ 3:44pm
  
  Re:
  Yes. Please report to jail immediately, criminal!
  [ link to this | view in chronology ]
vastrightwing, 26 Jul 2010 @ 12:09pm

DRM is a wax seal
I've made this comment a few times calling all DRM a "wax seal". What gives the wax seal teeth is the government allowing companies to enforce it. While DRM does nothing to stop copying, it gives tremendous power to companies to extort money from people who break the seal. I guess an analogy here would be to leave a bicycle tied to pole in a public place while someone is watching while another person unties the rope. Once the rope is untied, the person is taken to the police and charged with a crime and forced to pay a fine. Sure, you may lose a few bicycles, but the reward more than pays for the few lost bikes.
[ link to this | view in chronology ]