Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment

Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment

6 years ago
Anonymous $gIi3-PxxKB

https://www.techdirt.com/articles/20180401/22565539541/court-says-scraping-websites-creating-fake-profiles-can-be-protected-first-amendment.shtml

It's no secret that the Computer Fraud and Abuse Act (CFAA) is a mess. Originally written by a confused and panicked Congress in the wake of the 1980s movie War Games, it was supposed to be an "anti-hacking" law, but was written so broadly that it has been used over and over again against any sort of "things that happen on a computer." It has been (not so jokingly) referred to as "the law that sticks," because when someone has done something "icky" using a computer, if no other law is found to be broken, someone can almost always find some weird way to interpret the CFAA to claim it's been violated. The two most problematic parts of the CFAA are the fact that it applies to "unauthorized access" or to "exceeding authorized access" on any "computer... which is used in or affecting interstate or foreign commerce or communications." In 1986 that may have seemed limited. But, today, that means any computer on the internet. Which means basically any computer.

A big question that has come up in multiple CFAA cases is does it count as "unauthorized access" or as "exceeding unauthorized access" if you simply fail to abide by a site's terms of service. This was the way that prosecutors were able to go after Lori Drew, who helped bully a girl on MySpace, who later committed suicide. Drew's actions were despicable, but the only law that prosecutors could get to "stick" was that she violated the CFAA by using a fake name to sign up for MySpace, thereby violating its terms of service... and thus getting "unauthorized access" to MySpace's internet-connected computers. There are both criminal (as in the Lori Drew case) and civil components to the CFAA -- and some companies (cough Oracle cough) have long fought against reforming the CFAA in the belief that they want to be able to use the law. Unfortunately, lots of internet companies, which should know better, have used the CFAA to go after sites that have scraped some content off their site -- including Craigslist, Facebook and LinkedIn.

Court Says Scraping Websites And Creating Fake Profiles Can Be Protected By The First Amendment

Apr 4, 2018, 11:25am UTC
https://www.techdirt.com/articles/20180401/22565539541/court-says-scraping-websites-creating-fake-profiles-can-be-protected-first-amendment.shtml >It's no secret that the Computer Fraud and Abuse Act (CFAA) is a mess. Originally written by a confused and panicked Congress in the wake of the 1980s movie War Games, it was supposed to be an "anti-hacking" law, but was written so broadly that it has been used over and over again against any sort of "things that happen on a computer." It has been (not so jokingly) referred to as "the law that sticks," because when someone has done something "icky" using a computer, if no other law is found to be broken, someone can almost always find some weird way to interpret the CFAA to claim it's been violated. The two most problematic parts of the CFAA are the fact that it applies to "unauthorized access" or to "exceeding authorized access" on any "computer... which is used in or affecting interstate or foreign commerce or communications." In 1986 that may have seemed limited. But, today, that means any computer on the internet. Which means basically any computer. >A big question that has come up in multiple CFAA cases is does it count as "unauthorized access" or as "exceeding unauthorized access" if you simply fail to abide by a site's terms of service. This was the way that prosecutors were able to go after Lori Drew, who helped bully a girl on MySpace, who later committed suicide. Drew's actions were despicable, but the only law that prosecutors could get to "stick" was that she violated the CFAA by using a fake name to sign up for MySpace, thereby violating its terms of service... and thus getting "unauthorized access" to MySpace's internet-connected computers. There are both criminal (as in the Lori Drew case) and civil components to the CFAA -- and some companies (*cough* Oracle *cough*) have long fought against reforming the CFAA in the belief that they want to be able to use the law. Unfortunately, lots of internet companies, which should know better, have used the CFAA to go after sites that have scraped some content off their site -- including Craigslist, Facebook and LinkedIn.