Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Crime Government Security The Internet Your Rights Online

ToS Violations No Longer a Crime (On Their Own) 162

nonprofiteer writes "The Computer Fraud and Abuse Act previously made 'unauthorized access to a computer system' a crime — meant to apply to hackers, it also criminalized violations of a website's ToS or of a workplace's computer policies. The law is being changed to make the crime a felony rather than a misdemeanor, which led some to worry about the potential for its abuse. However, Senators Franken and Grassley added an amendment (PDF) to exempt violations of ToS and employer policies from the lists of felony activity. w00t for common sense."
This discussion has been archived. No new comments can be posted.

ToS Violations No Longer a Crime (On Their Own)

Comments Filter:
  • by DaveV1.0 ( 203135 ) on Friday September 16, 2011 @10:48AM (#37421088) Journal

    A misdemeanor is still a crime, just a less serious crime. The amendment exempts ToS violations from being felonies, but does not stop them from being misdemeanors, then they are still crimes.

    • by Fieryphoenix ( 1161565 ) on Friday September 16, 2011 @11:32AM (#37421624)
      I see no provision in the amendment that reduces from felony to misdemeanor, only language that exempts ToS violations etc. from whatever it is the bill stipulates in the section being amended. There not being a link to the law itself, I haven't seen it, but I sincerely doubt the original law says that ToS violations can alternately be considered misdemeanors, thus I deem it probably the law simply states that unauthorized access is a felony, without mentioning ToS etc. Since the amendment states that ToS etc. are exempted, then the amendment does NOT create them misdemeanors, and since AFAIK nothing else creates ToS violations as crimes, I don't think the amendment leaves them a crime of any kind at all.
      • by rgviza ( 1303161 )
        So if you violate the ToS with a ban-able offense, and get banned, you haven't violated the law until you make a new ID and access their systems again? Since if you have been banned your authorization to use their systems has been yanked.

        So a troll that just keeps making new id's on a forum to harass forum members, after being banned permanently, would be breaking the law, however a troll that hasn't been banned yet, who is violating the ToS isn't yet breaking the law?

        IANAL and it'd be good to understand th
    • That's incorrect. They are no longer misdemeanors or felonies. This exempts them from being crimes, period. Unless combined with other criminal activity.
    • by maxume ( 22995 ) on Friday September 16, 2011 @11:45AM (#37421796)

      Here's the text of the current law:

      http://www.law.cornell.edu/uscode/18/1030.html [cornell.edu]

      (go yell at Cornell if you think it is not an accurate reflection of the current U.S. code, I don't care)

      Section 1030(e)(6) defines the term âoeexceeds authorized accessâ as used in the law. The amendment to the proposed bill changes the definition explicitly to exclude TOS violations as a sole basis for determining unauthorized access.

    • by cHiphead ( 17854 )

      i like how the submitter w00ted despite there being no common sense involved with the entire ordeal.

  • Adding an amendment does not mean it's been passed and is in effect. If this were true, then we would have gotten rid of the patriot act, withdrawn from foreign deployment, made smoking illegal, beefed up the patriot act, and given every person in america free tacos and jailtime. Here is the current status: http://politics.nytimes.com/congress/bills/112/s1151 [nytimes.com]

  • ....However, Senators Franken and Grassley added an amendment (PDF) to exempt violations of ToS and employer policies from the lists of felony activity. w00t for common sense.

    Excellent. This really made me blink and re-read many times to ensure the post and all of the articles referenced were actually what I thought I read.

    Hopefully this will prevent scare-suit tactics from large companies that aren't "making enough money this quarter". :)

    I'm referencing activities from the past, not trollin'.

    • I'm referencing activities from the past, not trollin'.

      No, you're trolling.

      Referencing actually requires references that SOMEONE recognizes.

      What large companies have sued people over ToS violations because they aren't "making enough money this quarter".

  • 1. Register commonly mis-spelled domain names. 2. Make ToS "Any access to this website is prohibited." 3. Report all website accesses to the authorities. 4. Invest in new prison construction. 4. PROFIT.
    • 4. Invest in new prison construction.

      Thanks for finally revealing what ??? means. Now we know that the penultimate step in every business venture is "Invest in new prison construction." Imagine the effect those stolen underpants will have!

      • 4. Invest in new prison construction.

        Thanks for finally revealing what ??? means. Now we know that the penultimate step in every business venture is "Invest in new prison construction." Imagine the effect those stolen underpants will have!

        Now you had to start running your mouth and training the other "x" percentage of readers that wouldn't have gotten it. Now it's ruined. Forever.

        ??? is investment in prison construction.

        Thanks a lot, thanks.. a... lot. /humor :)

    • Re: (Score:3, Interesting)

      by phantomfive ( 622387 )
      You think that's a joke, but it's been tried. The "Computer Fraud and Abuse Act" has been around since the 80s, and strengthened several times. It is bad law. [wsj.com]

      In one case, a company set up a website whose terms of use prohibited visiting the website. When their competitor visited, they sued. In another case, someone put a fake profile picture on MySpace and was charged with a crime. You can be sued for checking personal email at work or visiting Facebook.This is law made by people who don't understand co
      • by Dunbal ( 464142 ) *
        That's ok I have a "Terms of Service" too. By accepting this my cash for purchase or license of your goods and services, you waive your rights to your apply customary Terms of Service agreement. This is clearly posted on my website.
      • You can be sued for checking personal email at work or visiting Facebook.

        Yes, you can, and for good reason. There are times when those are actually a crime, just like how in certain circumstances you really CAN sue someone because YOU spilled hot coffee on YOURSELF.

        Its not always cut and dried 'checking personal email' ... sometimes its 'emailing company documents to corp spies using personal email' or 'making death threats on facebook'.

        These stupid laws exist because of lawyers who will use any twisting thing they can to win a case, right or wrong.

        You make things like ToS viol

        • You think making a violation of the TOS a crime is the only way to stop people from mailing secret documents to themselves? You think it's the best way? You've lost all credibility at that point.
    • 1. Register commonly mis-spelled domain names.

      2. Make ToS "Any access to this website is prohibited."

      3. Report all website accesses to the authorities.

      4. Invest in new prison construction.

      5. PROFIT.

      It may sound far-fetched, but your step four is a well-proven business model. It made a lot of people rich in Arizona [npr.org]. But it didn't turn out so well for this guy [wikipedia.org].

  • by XanC ( 644172 ) on Friday September 16, 2011 @10:53AM (#37421156)

    I use the "Modify Headers" FF extension to add the following to all my browser requests:

    X-Terms-Of-Service: By responding to this request, you agree to place no restrictions on the requesting user's use of the data you send, and that no subsequent terms of service may modify this provision.

    • I use the "Modify Headers" FF extension to add the following to all my browser requests:

      X-Terms-Of-Service: By responding to this request, you agree to place no restrictions on the requesting user's use of the data you send, and that no subsequent terms of service may modify this provision.

      Lolzers. Awesome.

      Now make that header an RFC. Then, get a new random lawsuit filed, processed, and won. Get another suit and _use case law_ to win it.

      Success. :)

    • Won't do you any good because no human has agreed to your terms of service as you did to access the service in the first place. You have a computer agreeing not to place any restrictions, a computer with no authority to make such an agreement.

      • by XanC ( 644172 )

        How is that different from a web site's ToS which binds me to something simply by downloading their page?

        I don't know how the response is being formed. Maybe it IS by a human. Certainly could be. And certainly, any *client* might be a computer and not a human as well, which would nullify any web site ToS ever.

        Basically, I agree with you that my "ToS" is stupid and useless, except to illustrate that web site ToSes are *also* stupid and useless.

        • It is different because, you, a person are making the agreement, an agreement presented by computer, but written by human.
           
          You are using false dichotomy, a fallacy, to demonstrate something. That makes your demonstration fallacious.

          • by pavon ( 30274 )

            I think you misunderstand what sort of ToS he is talking about. A real contract signed with cable company, or a EULA that you agree to when installing software or a ToS that you agree to when creating an account at a website are almost always valid and enforcable. However, he is talking about the blanket ToS that you can find linked in small print at the bottom of almost any corporate website. Companies act like they are legally binding even though visitors of the site were never shown the ToS, never agreed

      • The average user never sees the ToS for a site.

      • by sam0vi ( 985269 )

        When you buy a game console you don't sign any TOS, you just pay. So you could legally hack it before clicking any ACCEPT buttons, and you are golden, right?? Tell that to geohotz

        • by bws111 ( 1216812 )

          Um, no. Geohotz did not get sued for violating TOS, he got sued for violating a law (DMCA). You don't have to agree to anything to be bound by a law.

    • Good luck proving that that statement was there, and that someone at the company with the authority to make that agreement signed off on it.
  • This is only a proposed change to the law -- the law itself hasn't changed yet. So, the title is wrong.
  • I don't understand why they added these amendments. If we're going to maintain a proper police state, we need to make as many of our citizen's actions illegal as possible. This makes it easier for our brave and glorious men and women in uniform to keep the peace and protect our precious homeland from all those who would threaten it, or disagree with it, or who just look funny.

    • "I don't understand why they added these amendments. If we're going to maintain a proper police state, we need to make as many of our citizen's actions illegal as possible. This makes it easier for our brave and glorious men and women in uniform to keep the peace and protect our precious fatherland from all those who would threaten it, or disagree with it, or who just look funny"

      FTFY. Really, how is violating a ToS a crime in any way? At best the user should get suspended or in more serious cases banned from the site for a ToS violation not charged with a f'n crime. This is just another dumbass law to give the appearance of the asshated politicians doing something.

    • I don't know who marked you "Flamebait" but seriously, who likes police states? And furthermore, who doesn't think we're heading for one? The only people I know of are the actual "police" themselves. Every leftist I know hates the "Patriot" act as much as any right wing nut. We are united against the establishment, in this one thing.
  • by thoromyr ( 673646 ) on Friday September 16, 2011 @12:07PM (#37422032)

    This submission and/or the story is a troll. The referenced act only applies to a restricted set of systems. Roughly speaking it applies to non-public government systems and financial/bank computers. It does not apply to typical websites, nor does it apply to typical workplaces. But don't take my word for it, read the law http://www.law.cornell.edu/uscode/18/1030.html [cornell.edu]

  • ...have a lengthy discussion [slashdot.org] about the concept of unconscionability?
  • An unenforced law is still something to be ridiculed and laughed at.

    Every day just about everyone with any sort of server experiences "intrusions" which, if successfull, would result in significant harm to the server. Every day the administrators for these servers shrug it off and say it is just part of the Internet today. What this means is that we have people trying to do harm but in one way or another being blocked from doing it.

    Every once in a while some server fails to block one of these and we have

  • look. the CFAA is not 'meant to target hackers'. it is meant to target dissent. the last high profile CFAA case was Thomas Drake, a --whistleblower--.

    then there is Bradley Manning, a dozen or so counts under CFAA... for stuff like the collateral murder video and the Reyjkavic 13 email. innocuous information about government abuse,,,, now a felony to even tell a reporter about.

    congrats sheep. you get the dictatorship you so richly deserve.

    no go back to reading news about the new iPad

  • Boy people here have short memories. The most highly-publicized recent prosecution under this law was that of Lori Drew [wikipedia.org], the woman who impersonated a boy on MySpace to harass an acquaintance of her daughter. After the target committed suicide, Drew was indicated in 2008 by a Federal grand jury in California (where MySpace is located) and charged under the CFAA with one count of criminal conspiracy and three counts of violating the MySpace TOS.

    Whatever legal standing terms-of-service might have, they should

  • Does that mean that I can file a class action law suit against Sony after agreeing to the PSN terms of service and just be faced with a misdemeanor? (no, I'm not a troll.... this is a serious question)
  • Good luck getting a jury to under stand a TOS in a fed case much less the courts, jails , and prosecutors to have the time or room to fit all the cases in.

  • The rest of you, continue with your humdrum ranting.

A Fortran compiler is the hobgoblin of little minis.

Working...