Posted on 08/20/2013 9:43:01 AM PDT by Ernest_at_the_Beach
If you're a normal Internet user, you probably think you have the right to access anything that's put before the public. Not any more, at least in America, where the Computer Fraud and Abuse Act has been invoked to support a user-specific ban on accessing a Website, and in which the use of a proxy to circumvent a block has been ruled illegal.
The decision was issued in a spat between Craigslist and screen-scraper 3Taps. As noted in the judgement, 3Taps was sucking down all of Craigslist's classifieds, offering an API to third parties, and created craiggers.com which the judgement says replicated the entire Craigslist website.
Objecting to this, the classifieds site first blocked 3Taps and then sent it a cease-and-desist. When 3Taps turned to using proxies to circumvent the ban, Craigslist then took the case to the US district court of Northern California. It asked the court to find two things: that the violation of its terms and conditions brought 3Taps under the purview of the Computer Fraud and Abuse Act (CFAA); and that circumventing the ban by disguising its IP address also broke the CFAA.
On the terms and conditions question, Craigslist was rebuffed. However, in a decision that will send chills to anyone using a proxy to get around geoblocks, the court thought otherwise: under the plain language of the statute, 3Taps was 'without authorization' when it continued to pull data off of Craigslists website after Craigslist revoked its authorization to access the website. As the 'ordinary, contemporary, common meaning' of the word indicates, and as Brekka expressly held, authorization turns on the decision of the 'authority' that grantsor prohibitsaccess, judge Charles Breyer writes [note: judgement has been quoted directly, with the original US spelling].
So, while not ruling all proxy use illegal, the case certainly opens a crack for wider bans on IP address cloaking. Because Craigslist had instructed 3Taps that it was not authorised to access its Website, and because that instruction was specific to 3Taps, its use of proxies constituted circumvention in the language of the CFAA.
However, an ordinary user say, an Australian that took the advice of the Australian Consumers Association and used IP spoofing to get around geographically-specific software pricing would not be in the same position. Such a user would be breaking a site's terms and conditions, which judge Breyer said did not violate the CFAA, at least until a specific ban were instituted by the site. ®
Stealing a whole database via the internet is illegal....duh!!
Exactly, this has nothing to do with IP NAT’ing being illegal. They used the technology to circumvent the law.
So, when’s Team 0bama going to be arrested for illegally accessing Facebook user data for campaign purposes?
Craiggers.com was NEAT! You could search ALL of Craigslist; encompassing all states, counties, cities, etc., in one fell swoop. Currently, there is no way to do this. If I’m not mistaken, Craigslist itself doesn’t offer any way to do this.
Bad facts making bad law.
I am not seeing a problem here..
They were told they were not authorized, but they used a different address to get the data.
They were not authorised. Period. Faking an IP address to get it does not give you authorization back, in fact I thik it opens you up to worse trouble for violating the original ban.
Its like you are banned from a liquor store, but you go in wearing a mask...
doesn’t work in my book, and has NO OTHER global implications
(the author of this article is too clueless of the topic, and tried to write something dramatic)
Too late. Legislators permitted mass marketers to do this for decades. Their lobbyists got them the laws they wanted.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.