Appeals Court Rules TOS Violations Aren't Criminal

Trepidity writes "In a decision today (PDF), the Ninth Circuit Court of Appeals ruled that the Computer Fraud and Abuse Act 'does not extend to violations of use restrictions,' and therefore violating terms of service and corporate use policies is not a federal crime. Law profesor Orin Kerr cheered the decision, but since three other Courts of Appeals have reached opposite decisions, it might be heading to the Supreme Court."

Corporations don't make law

[Anonymous Coward]

And therefor, violating a TOS can't automatically be seen as criminal activity. Kudos to the Ninth Circuit Court of Appeals for having their head on straight.

Re:

[Anonymous Coward]

Unfortunately the 9th Circuit is the most overturned court in the USA. I'm not having high hopes that the SCOTUS will affirm the ruling.

Re:Corporations don't make law

[AuMatar]

No it isn't. The 9th circuit court is by far the largest appellate court in the country, so while it has the most appeals overturned, it also has the most cases. By percentage it's actually in the middle of the pack.

Re:

[Qzukk]

Which is exactly what I said.

Which is why what you said was the most retarded second response to the first post.

Re:Corporations don't make law

[Anonymous Coward]

Which is exactly what I said.

What you said was deceptive and someone pointed out that deception. Saying you intended to deceive people don't help.

Re:

[geogob]

I'm not even convinced he was trying to be deceptive. Maybe the AC simply doesn't get it. Or stopped reading the reply half-way through, as he was satisfied with himself.

Regardless, the subtlety pointed out by AuMatar is very disappointingly very hard to understand by a large portion of the population. Yes, I know, citation needed, but I can only give my own experience and observation as reference. Every time I face this situation, I turn out highly disappointed - in what exactly I don't know, but i'm just

Re:

[painandgreed]

I'm not even convinced he was trying to be deceptive. Maybe the AC simply doesn't get it.

Not surprising if they can't even figure out how to create an account and log in.

Re:

[Anonymous Coward]

Did you not understand the parent's post at all? It doesn't matter that you 'exactly said something' if you fail to grasp basic mathematics enough to realize that the total number of appeals is fucking meaningless metric by itself.

Re:Corporations don't make law

[Baloroth]

And therefor, violating a TOS can't automatically be seen as criminal activity. Kudos to the Ninth Circuit Court of Appeals for having their head on straight.

Actually, the question is whether the law on the books that makes it illegal if an action "exceeds authorized access" applies to TOS violations, since the TOS outline what counts as authorized access. You can argue very easily that using a service in a manner that breaks the TOS does, in fact, violate the law (by exceeding what you were authorized in the TOS), but this court argues that the language is somewhat ambiguous and in the case of criminal law, you should always err on the side of leniency unless Congress makes itself clear. Basically, an action cannot be criminal unless the law clearly and explicitly states it is.

The case has nothing to do with corporations ability to make an action illegal, specifically, but rather whether an action (violating the TOS) is already criminal under the current law. Agreed about the court having it's head on straight, this judge seems extremely rational.

Re:

[AmiMoJo]

The case has nothing to do with corporations ability to make an action illegal, specifically, but rather whether an action (violating the TOS) is already criminal under the current law.

That's the same thing. TOS say "making a backup copy is illegal" or "one install only, if your PC dies you buy a new license" and doing otherwise becomes illegal. Or not, as the court has said.

Re:

[Baloroth]

You seem to be thinking of EULAs, which are different from TOS. Terms of Service are for... well, services that you run on computers (notably, in this case, computers you do not own, such as using Facebook). For example, Facebook can have it in their TOS that you cannot host, say, a picture of your butt on Facebook. If the Computer Fraud and Abuse Act was interpreted broadly, it could be a crime to put such a picture on their servers (it would count as "unauthorized access"). Making backup copies of softwar

Re:

[rtb61]

Still really, violation of a term of service should only be a criminal act if that actual violation is legislated as such otherwise it should just be a civil breach of contract.

Private corporation should not be able to just stick in arbitrary terms of service, things like you are not allowed to publicly criticise the company whilst using it's services etc. etc.

Re:

[nschubach]

Doesn't the "exceeds authorized access" apply to owned property? (ie: a server, mainframe...) I'm sure this is going to border on that ever popular "ownership" aspect of software.

Re:

[Baloroth]

I'm not sure exactly what you mean. I think in this case the question is whether an action that effectively takes place on a server you do not own, that happens to violate the TOS of whatever service you took the action under, counts as "unauthorized access" of that server. For example, uploading porn to Facebook (I presume that is against their TOS, anyways). In that case, Facebook could argue that they did not authorize you to upload porn, and therefore you accessed their server in an unauthorized fashion

Re:

[91degrees]

It is an important question.

Reading the law as widely as possible would mean I'm breaking federal law by setting up a second gmail account, or not using my real name on facebook. This clearly wasn't the intent of the law. It was a reaction to hackers breaking into systems that they had absolutely no rights to at all. At the time, public access services weren't that common. Those that were typically had a TOS agreement that was fairly narrow in scope.

I'm not sure how much the courts are allowed to t

Re:

[DM9290]

The law could theoretically give the power of making things illegal to a corporation. but probably such a law would need to be written in such a way that it was clear that the corporation has that power, and which corporation it was, and how that corporation performs this task. So that way it is not vague as to whether or not any particular action was illegal.

even if facebook happened to have clearly written TOS that themselves are not vague. that doesn't guarantee that the statute isn't also enforcing cr

Re:Corporations don't make law

[SuricouRaven]

The legal reasoning, simplified, goes like this:

1. Accessing a computer system without authorisation from the owner is a crime.
2. A ToS specifies what a user can do, and upon violation becomes invalid - thus, the user is no longer authorised, legally. Even if their account still exists.
3. So any access breaking the ToS is, in legal fact, unauthorised - and indistinguishable from if they had, say, used an exploit or guessed a password. The means by which unauthorised access is granted is legally unimportant - it doesn't matter if it's via sophisticated hacking, script-kiddie work, social engineering, finding someone's password on a postit or pure luck in guessing. The important part is that the user, having broken the ToS, is no longer authorised by the system owner to access that computer system. See point one.

Re:Corporations don't make law

[similar_name]

To apply this same idea to meatspace. If I rent an apartment and my lease says no pets but I have a pet anyway should that make me a criminal? I don't think so. Seems like for a couple hundred years the U.S. has considered it a civil matter and I fail to see why it should be any different on a computer. At the same time if I break into an apartment that is criminal, likewise it should be for a computer. Companies are pushing to make breaking a TOS criminal and that's a very scary thing. Especially when they change it whenever they feel like it.

Re:

[fast turtle]

because a TOS is not a valid contract is why the courts have ruled that it's a criminal offense to violate one. Contract law absolutely requires the ability to negotiate both sides, otherwise it's an EULA that is not recognized by half of the United States - the 9th district is in California IIRC

Re:

[gnasher719]

To apply this same idea to meatspace. If I rent an apartment and my lease says no pets but I have a pet anyway should that make me a criminal? I don't think so.

Let's make that a bit clearer. If your lease says "no pets" but you have a pet anyway, does that make you a trespasser? No. You live there, and as long as you live there you are not a trespasser. You may be in violation of your rent agreement, and the landlord may use this to cancel your tenancy agreement, and then ask you to leave, and if you don't leave the landlord may send bailiffs to remove you, but until they remove you, you are not trespassing.

On the other hand, you might take your pet rat on a wa

Re:

[crypticedge]

In most states it's illegal to just change the locks on a rental if there's a renter there. They have to file with the court, then get the sheriff

Re:

[Khyber]

It's called "Right to Possession" and that falls under Tenant Rights.

Re:

[Khyber]

Logically that would be the correct course of action. Set forth a contract of service. You violate said contract, you've lost the right to use the service. Further access to the service is unauthorized, and thus would then fall under the Federal statutes regarding said unauthorized access.

Re:

[DM9290]

"authorize" is a verb performed by the owner. nothing in the statute says a TOS document can perform this task. So the court can't simply assume it. It is criminal law.

So the issue is whether the owner authorized something. And it is pretty clear that if the owner put a computer up for people from the public to use, then the owner authorized them to use it. or else authorized them to authorize themselves. He can't authorize a computer to authorize anyone, nor a TOS.

Under contract law there could be a TOS

Re:

[SuricouRaven]

You assume that having an account authorised in a technical sense is in some manner equivilent to being authorised in the legal sense. Other than sharing a name, they are completly unrelated.

Re:

[swb]

Sure they do.

They buy the politicians, and the politicians pass laws in a way that allows them to structure their policies and contracts in a way that makes violating them a criminally enforceable action, allowing them to use the government's police powers to guarantee compliance to their policies.

Ultimately the US is going to be just like China; same corrupt style of government, complete with in-name-only ideological justifications for repression ("stability" there, "war on terrorism" here), same group of

Ex post facto

[NoNonAlphaCharsHere]

If a corporation can unilaterally change a TOS agreement AFTER someone has signed up for the service (which they do all the time), how can anybody then claim that violating it is a criminal offense?

Re:

[pwnyxpress]

Don't corporations regularly write into the TOS agreement that they can change the terms with minimal (if any) notification to the customer, thus putting the responsibility of terminating the agreement onto the customer?

Re:Ex post facto

[dbet]

They can amend the contract, however, you are allowed to not accept the new version. So for example you're one year into a 2 year contract with AT&T, and they change the terms. You are now free to walk away. Because of this they usually grandfather in people who are in existing contracts.

Re:

[tepples]

They can amend the contract, however, you are allowed to not accept the new version.

However, by continuing to use the service after the new terms are published, a user is considered to have accepted the new terms.

Re:Ex post facto

[JoeMerchant]

If a corporation can unilaterally change a TOS agreement AFTER someone has signed up for the service (which they do all the time), how can anybody then claim that violating it is a criminal offense?

Even more, how can a corporation (say: JoeMerchantCorp) create a TOS and then get the police and courts of the land to enforce it for them? My TOS can state that you must dance on your hands naked in the waiting room after a late payment or your account will be revoked... and it can be a criminal offence to violate it?

Re:

[Surt]

If it weren't unconscionable or illegal (and in this case both), yes.

Re:

[JoeMerchant]

At what point does unconscionable start? AT&T tripled their rates without telling me until I got the bill - should I have to pay that triple expected bill? How about 10x? How about 100x? Where's the line?

TOS are modified at a dizzying pace, if there were one TOS to read for a service per 10 years and 10 services with TOS in your average daily life, sure, that's fine. As it is, I have 2 hours of reading a month to do for my PS3, another 3-4 for my Apple products, about 10 hours a month for the variou

Re:

[Surt]

http://legal-dictionary.thefreedictionary.com/unconscionable [thefreedictionary.com]

"An unconscionable contract is one that no person who is mentally competent would enter into and that no fair and honest person would accept."

You're probably stuck with your contracts so long as your carrier is able to attract significant numbers of new people to sign on to the same terms, as that pretty much blows the unconscionable requirements.

Personally, I don't use any services with frequent TOS changes. It's not that hard to avoid.

Re:

[JoeMerchant]

This sounds pretty slippery to me, not sure how often it changes, I never even looked at it before:

http://geek.net/index.php/terms-of-use/ [geek.net]

Geeknet, Inc. comprised of the internet sites Geek.net, Sourceforge.net, Slashdot.org, ThinkGeek.com, and freecode.com (the "Sites"), provides the information and services on the Sites to you, the user, conditioned upon your acceptance, without modification, of the terms and conditions of use applicable to such Sites. Your use of any of the other Sites constitutes agreeme

Re:

[Surt]

Thankfully that's not a contract I've accepted.

Re:

[JoeMerchant]

While I would disagree in principle, they say you have:

Use of Geeknet Sites constitutes full acceptance of and agreement to the Terms;

Stuff like that is what bothers me.

Re:

[Surt]

Yeah, there's no chance of that holding up, particularly since they've never forced me to see either the use requirement or the actual contract. Click-through has a small chance of holding up, but this? None.

Re:

[JoeMerchant]

Yeah, there's no chance of that holding up, particularly since they've never forced me to see either the use requirement or the actual contract. Click-through has a small chance of holding up, but this? None.

And, what I intensely dislike about that is that, regardless of merit, suit can still be brought and you are compelled to defend, and usually appear. In my opinion, just being compelled to appear is a major nuisance.

Having all this, presently, meritless basis for suit generated as regular course of business should be in some way discouraged. A few bad decisions out of the courts could basically strip everyone of their rights by making everyone criminals due to violation of B.S. TOS (yes, it should be a ci

Re:

[Surt]

My solution if things are headed that way will be to set up my own terms of service for sending me web pages over my internet connection. I will make sure my terms are at least equally visible and available.

Re:Ex post facto

[Beardo the Bearded]

I would hand-dance naked in my living room for you.

I mean for a late payment. For a late payment.

Re:

[Sique]

One of the main reasons to have a state and a judicary is to have contracts enforced. There is a whole body of law just for contract disputions, it's called Civil Law.

Re:

[JoeMerchant]

And TFA is talking about Criminal penalties...

Re:

[LostCluster]

They can't without permission, but continuing to use the service can represent permission.

Re:

[FunPika]

They will probably just try to make "Ignorantia juris non excusat" apply to the TOS as well and be like "You didn't read the updated TOS? Your fault".

Re:

[Surt]

Which seems entirely reasonable. I don't use any websites subject to unilaterally modifiable TOS without reading those TOS every single time, and neither should anyone else.

Re:

[SuricouRaven]

When I got my iPod touch*, I got to see the agreement to use the app store. Ninety-nine pages long. That was one of the shorter ones.

*Don't worry, it was a freebie with something else and went on eBay.

Re:

[sconeu]

You agreed to be part of a human CentiPad

Re:

[CanHasDIY]

They will probably just try to make "Ignorantia juris non excusat" apply to the TOS as well and be like "You didn't read the updated TOS? Your fault".

Which is, as we all know, complete bullshit.

"Ignorantia juris non excusat" is only legitimate when applied across the board, without exceptions, and we all know that's not the case.

Re:

[NonUniqueNickname]

So? Laws change unilaterally all the time too, it doesn't make them ex post facto. Only if the corporation takes action against a user over a violation of the new TOS that ocurred before the new TOS was instated (and agreed to by the user). Only then would it be ex post facto.

Re:

[Anonymous Coward]

I dunno that I like this argument. I agree with the conclusion, but the reasoning you take for it is a bit scary.

I mean, I *can* change my terms and make you a criminal /if/ you persist. In computing it's as simple as "John, you're fired--don't login as administrator"

A very simple alternate meatspace analogy is trespass.

If I invite you to my home, you're welcome there. If I then order you to leave, you have a reasonable amount of time to gather your things and exit. If you delay unduly, or refuse--you'v

Re:

[CanHasDIY]

A very simple alternate meatspace analogy is trespass.

No; trespassing is a criminal matter, not a civil one (unless we're talking trespass to chattels, which you are not). "Analogy" implies a commonality.

A real meatspace analogy would be if you offered me access to your property in writing, then at some point changed the contract to revoke my access.

The difference is, with a written (paper) contract between two individuals, changing the terms requires the physical signature of both parties; in terms of service, one party can unilaterally change their policy,

Re:

[ohnocitizen]

I can't wait to re-read the parent comment after the supreme court rules it is a criminal offense. I'll have myself a nice little cry then. It'll be cathartic.

I must be reading something wrong...

[gatfirls]

Lower courts have held that violating a (basically TOS) is a crime? Is there ever real world logic applied to these decisions or is it basically (let's rewrite every law when it applies to the internet). "What are you in for?" "Leaving food stuffs in the fridge after 5pm on friday, clearly against company policy".

Re:I must be reading something wrong...

[CanHasDIY]

Lower courts have held that violating a (basically TOS) is a crime?

Not just a crime, a felony crime. Which means being convicted of ToS violations not only takes away your physical freedom, but also damages your ability to find a job upon release, makes it impossible to own a gun, removes your right to vote (although some states restore that right after a prescribed period of time), and all the other wonderful disadvantages that come with being a convicted felon.

Land of the Free, my enslaved ass.

Re:I must be reading something wrong...

[Jeng]

Ya know, if they want to charge you with a felony you might as well commit one and kill the motherfucker who wrote the TOS.

Re:

[Trepidity]

Fortunately it does at least require that it be a TOS violation "with intent to defraud", which provides a bit higher burden of proof. It's still better not to have the CFAA in this mess at all, though. If you want to ban fraud, then write a law banning fraud (which already exist, naturally), not criminalize random things just because "with a computer" is tacked on.

Re:

[jamstar7]

If you want to ban fraud, then write a law banning fraud (which already exist, naturally), not criminalize random things just because "with a computer" is tacked on.

But it's ok to 'create' and 'patent' something already out there by adding 'on a computer hooked to the internet or not'?

Go to SCotUS, Go directly to SCotUS

[LostCluster]

A court ruling out of line with three other rulings is certainly a sign that the court wants a higher court to look at this... 3-1 scores don't matter, just that the case got there.

of course

[shentino]

Violating terms of use is not a criminal offense.

It's a civil matter known as breach of contract, the solution for which is getting sued.

Now if you were forging a mac address in an attempt to masquerade as another subscriber, or hacked the service to get free internet or evade a service termination, that would be different and probably *would* qualify as criminal.

Breaking TOS and having your service yoinked is like going shopping at a grocery store and getting thrown out by security for swearing, or like ge

Re:

[X0563511]

Aaah, but you forgot! The magic words! "With a computer" change everything!

Re:

[GiMP]

Without any contract, you have no authority access. If you breech the contract, you have no authorization to access. Access without authorization is a felony.

I tend to agree that the other courts were probably right. Whether or not the Computer Fraud and Abuse Act is too broad is another matter and something for higher courts and the legislative branch to determine.

Re:

[gstrickler]

I've discussed this many times. Any while your interpretation could be valid, I most strongly disagree with it. I agree with the OP and the 9th CC, this is not a crime, it's a contract dispute, which makes it a civil case, not a criminal case. That's how it should be handled, breach of contract.

Consider what happens if it's the other way around, what if the company violates their responsibilities under the TOS? Is that automatically a crime? No. In some cases, if you can show they were willfully misleading,

Re:

[jamstar7]

Consider what happens if it's the other way around, what if the company violates their responsibilities under the TOS? Is that automatically a crime? No. In some cases, if you can show they were willfully misleading, to a large group of customers, then it might be treated as criminal fraud. But the company violating the TOS is not automatically a crime, it's a civil breach of contract.

I'd have an attorney read over the TOS before suing, though. I've read some that have a clause saying that by using the se

Re:

[causality]

Consider what happens if it's the other way around, what if the company violates their responsibilities under the TOS? Is that automatically a crime? No. In some cases, if you can show they were willfully misleading, to a large group of customers, then it might be treated as criminal fraud. But the company violating the TOS is not automatically a crime, it's a civil breach of contract.

I'd have an attorney read over the TOS before suing, though. I've read some that have a clause saying that by using the service I accept the TOS and agree to hold the provider blameless in anything that may come up, up to and including the Second Coming of Elvis.

I'm not a lawyer and this isn't legal advice, yadda yadda. Owing to the legally protected freedom of speech, they may write whatever they want into a document. That doesn't necessarily mean it will hold up in court. Some states are better than others about rejecting unreasonable clauses in such contracts.

Not a TOS

[Desler]

Once again a terrible title and summary. This had nothing to do with a TOS. It was about trying to prosecute someone criminally for violating their workplace's authorized access policy.

Re:

[gatfirls]

An "access policy" is basically "terms of service". You are right though the word "policy" is enough of a description to make a criminal charge (an upheld appeals) seem ridiculous.

Re:

[Desler]

No, a ToS is in common use an agreement between a company and a consumer when providing you a service. This was about an internal company policy for its employees. It's not the same.

Re:

[gatfirls]

You do know that "basically" and "same" have very different meanings right? The point is that neither of them (should) carry a criminal penalty for the violation of them unless the violation actually violates the law. The problem here is that they are using their *policy* to stipulate what is illegal. ....using very ambiguous overreaching laws. Even though using criminal courts in place of civil is all the new rage.

Re:

[tacokill]

Mod this up. The fact that an employer / employee is involved changes everything. This is not a case of TOS and Customers violating said TOS.

Re:

[gatfirls]

Exactly what does it change? They're both loose "contracts" on what is authorized for the service/network/etc. Using horribly vague, ambiguous and broad laws to cover civil matters (especially big corporate civil matters) is a crazy concept that people seem to just ignore as "welp don't break the law" until they get snagged up in it.

Re:Not a TOS

[urulokion]

No. The fact that is an employer/employee type setup doesn't change a thing. An employee violating a company policy in regards to accessing information they are authorized to to access via their computer credentials isn't a violation of the CFAA. Let's take another CFAA case involving the Social Security Adminstration. Certain employees in the SSA have access to personal information of people in regards to SSN payroll deductions, benefit payouts, etc. They have authorization via their computer credentials to look at virtually anyone's personal information. But the SSA has policies in place they speel out when it is proper to access that personal information. When an employee is working a case that is assignment to them, they policies says they can access personal information about persons related to that case as an example.

Now if an SSA employee starts to just access information about celebrities or other persons in the new just because they are curious. They would be a clear violation of SSA policy. Remember that the employee's credentials allow access to virtually anyone. The employee used their assignen credentials to access the information. They didn't breach any technological measure to access the measure. They didn't "hack" to gain access to the information. Their access is a violation of SSA policies, may be violations of criminal statutes of misusing government data, violations of the Privacy Act, etc. But their access was not a violation of the CFAA. That was what the 9th Circuit ruled on.

The 9th Circuit got this one right. Yes, I'm shocked as much as you are. If this ruling goes to the US Supreme Court, I don't think it'll be overruled.

Re:

[Trepidity]

It doesn't change anything, as the decision notes. The question is whether exceeding authorization to use a computer, by violating the terms of a policy authorizing you to use that computer, is a federal crime. Whether the policy is a workplace policy for employee usage of computers, or a user policy for customer usage of computers, doesn't make a difference.

Re:

[Trepidity]

If you read the court's opinion, it discusses both ToS and workplace access policies, and holds that the CFAA applies to neither, for similar reasons.

Re:

[CanHasDIY]

This gets into sticky areas like "How many near-simultaneous "requests" for my PUBLICLY ACCESSIBLE SERVICE constitutes "popular" versus a denial-of-service attack?" In effect, the slashdot effect could be deemed a federal felony offense if the law stands. SCOTUS will likely have to take it up.

In other words, the fate of our technological freedom is in the hands of 9 dinosaurs who are of the generation that honestly believes the internet is made up of physically interconnected tubes?

$diety help us, we are FUCKED.

Whoop-de-do, big deal.

[istartedi]

So you're not in jail. Big deal. They can still take all your money via the civil courts. Then you're homeless. It's like jail except that the cell has poor climate control and the 3 hots and a cot are unreliable. Nothing will change until civil suits are reformed. For starters, guaranteed right to a jury trial with the possibility of nullification required to be informed to the jury from the bench (not the bench lying and saying that it doesn't exist). Also, reasonable doubt, not prepoderance. Also, no civil trial for the same matter already settled in criminal courts.

Wow, it might actually be a free country again if we could pull that off. Oh and look, I expressed it in one paragraph that everybody can understand. Just like back in the 1700s. Imagine that!

Re:

[gl4ss]

well.. at least then you get to still vote that should be changed?

usa style settling in criminal cases is bullshit. it distorts statistics, history and murkies wtf actually happened so badly... that should only happen in civil, non criminal, disagreements.

Re:

[interval1066]

Has anyone ever been rounded up for violating an access TOS?

Re:

[sabt-pestnu]

From the ruling:

In a recent Florida case, after an employee sued her employer for
wrongful termination, the company counterclaimed that plaintiff violated
section 1030(a)(2)(C) by making personal use of the Internet at work --
checking Facebook and sending personal email -- in violation of company
policy. See Lee v. PMSI, Inc., No. 8:10-cv-2904-T-23TBM, 2011 WL
1742028 (M.D. Fla. May 6, 2011). The district court dismissed the counterclaim,
but it could not have done so if "exceeds authorized access"
included viola

Re:

[mark-t]

They can't take your home away if you don't own it... and they can't garnish your wages below what is necessary to survive, taking into consideration standard costs of living in your area.

Damn it

[Fned]

I was so looking forward to forcefully citizen's-arresting the next HR asshole to demand my Facebook login.

Re:

[Elldallan]

That has not changed, unless the HR asshole has Facebook he never had a TOS with FB so he could always(and still can) demand your account details. You would however be in breach of the TOS if you gave it to said HR asshole so you would be the one tossed in jail.

BUT what has not changed is the fact that if said HR asshole did access FB(with your account details) without having a contract with FB in the first place it will still be a felony.
Things gets muddy if he has his own Facebook since he would techni

Re:

[Xaositecte]

He's not violating the TOS, but he's certainly accessing the computer system without authorization, which is the actual felony crime being discussed. If anything, his guilt is even more unambiguous.

Re:

[MobyDisk]

Allow me to play devil's advocate here: what is to say they don't arrest you for giving the information out? Asking for it probably doesn't violate the TOS. Either giving it out, or using it are more likely to violate it.

Re:

[darkonc]

It's not just the asshole who demands your Facebook login that gets charged with counselling a felony. You can also go after the asshole who set the policy (usually further up the food chain). Now that should get the attention of legal (especially if it was legal who set the policy).

Authorized access to my (physical) mailbox

[Anonymous Coward]

"Credit card companies are not authorized to have their mail access my (physical) mailbox, unless they enclose a cashier's check for $1,000 in my name."

Now go ahead send me another one of these credit card offers!

Employers demand access to employee account ...

[Spectre]

So, those employers that demand access to your social networking accounts, or, say, bank accounts, personal e-mail accounts, etc. They get a free pass at violating those sites' Terms of Use and can sign on with employees' access credentials ... NO PROBLEM?

Re:

[GiMP]

Those companies are not violating the TOS, the employee is. What the company is doing is worse, the company is arguably accessing without agreeing to the TOS at all, which falls under unauthorized access and is criminal under the Computer Fraud and Abuse Act. I think. IANAL

Re:

[mark-t]

If you're going to work for a company that expects access to such accounts, then I would think that your best course of action is to just not have any such accounts. Even better is to just not work at such a company.

In at-will states, employers can fire you for pretty damn near any reason they want, or no reason at all. I'm pretty sure that not supplying them with access to your facebook account doesn't quality as some form of legal discrimination (even though they might be able to obtain some informat

Re:

[HexaByte]

If you're going to work for a company that expects access to such accounts, then I would think that your best course of action is to just not have any such accounts. Even better is to just not work at such a company.

Tell your employer" I won't give you the keys to my house, my car, my bank accounts nor other personal accounts unless you do the same for me."

Should they agree to this, drain their accounts, take everything from their house that you want, put it in their car and take off for the border. When you get there, post (as them) on their facebook and tweet from their account that they love Hitler and the Nazis, hate minorities and women and are having an affair with someone of the same sex in the workplace. Cha

Re:

[gnasher719]

So, those employers that demand access to your social networking accounts, or, say, bank accounts, personal e-mail accounts, etc. They get a free pass at violating those sites' Terms of Use and can sign on with employees' access credentials ... NO PROBLEM?

Not at all. If I give you my Facebook password, then I am in violation of the Facebook TOS - which as discussed is not a crime. But _you_ have no authorization to log into my account. I can give you the password, but I cannot give you the authorization to log in, because it is not my server that you are logging in to. So by accessing my account, using the password I gave you, _you_ are committing the crime of unauthorized access to a computer.

stuff on the level traffic tickets should not felo

[Joe_Dragon]

stuff on the level traffic tickets should not be a felony.

Now lot's of tos violation are on the level of some traffic tickets where most people don't follow the rules 100% and some of them are very technical when you get down to them.

This could go bad seriously fast

[powerspike]

and therefore violating terms of service and corporate use policies is not a federal crime.

If it was a Federal Crime, Basically what it would lead to, is private entities been able to send people to jail for breaking rules not set by the government (ie laws...). If this does start to happen, then the corporations have effectively directly taken over law making in this country, and could even possibly put in jail terms and penlites for breaking their tos's.

The way I see it

[__aaltlg1547]

violating TOS can only be seen as breach-of-contract. That makes it a civil offense.

Re:Can't complain

[CanHasDIY]

I think it's hard to tell whether this is good for consumers (because we have the freedom to do what we want with our programs, etc), or bad for consumers (because it makes things less safe for companies). Either way, I'm happy for now, I guess.

It's not hard to tell at all: being able to throw consumers in jail for ToS violations is most definitely, unquestionably, bad for consumers.

Re:

[Surt]

The direct action is obviously negative, the question is whether the indirect incentive more than outweighs that negative. One could argue, for example, that perhaps facebook wouldn't exist if they didn't think this was possible, and facebook is so awesome it outweighs the cost. I wouldn't argue that, but someone could.

Re:

[CanHasDIY]

One could argue, for example, that perhaps facebook wouldn't exist if they didn't think this was possible, and facebook is so awesome it outweighs the cost. I wouldn't argue that, but someone could.

You and I both.

Besides, yea, one could attempt to make that argument, but it's obvious bullshit; the Zuckerburgs of the world don't give two shits about being able to incarcerate their customers for ToS violations, so long as people keep signing up and the skrilla keeps flowing in.

Re:

[sabt-pestnu]

> or bad for consumers (because it makes things less safe for companies).

If Congress (or lobbyists acting through congress) really really wants to criminalize TOS violations, they can try to pass a bill that explicitly states that.

Or they could just try again with the fuzzy language and call it CISPA.

Re:

[Trepidity]

Wrong on both points: 1) the decision covered ToS in general, not only employer/employee agreements; and 2) the Ninth Circuit has plenty of conservatives on it, with its Chief Judge, who wrote this opinion, being a libertarian-leaning Reagan appointee.

Re:

[BBTaeKwonDo]

Yeah, you're right, my bad for not RTFO. Though the Ninth circuit, while it may have some conservatives, is still the most liberal circuit by a wide margin.