Company Using Proxy To Evade Craigslist Block Violated CFAA 186
WillgasM writes "Changing your IP address or using proxy servers to access public websites you've been forbidden to visit is a violation of the Computer Fraud and Abuse Act, according to a judge's broad ruling (PDF) during a case on Friday involving Craigslist and 3taps. Opponents argue that this creates a slippery slope that many unsuspecting web users may find themselves upon. With your typical connection being assigned an address dynamically, is an IP ban really a 'technological barrier' to be circumvented? How long until we see the first prosecution for unauthorized viewing of a noindex page?"
Probably a long time; the judge in the case rejected the slippery slope argument: 'There, and sprinkled throughout its earlier, ostensibly text-based, arguments, 3taps posits outlandish scenarios where, for example, someone is criminally prosecuted for visiting a hypothetical website www.dontvisitme.com after a "friend" — apparently not a very good one — says the site has beautiful pictures but the homepage says that no one is allowed to click on the links to view the pictures. Needless to say, the Court’s decision [regarding 3taps' actions]... does not speak to whether the CFAA would apply to other sets of facts where an unsuspecting individual somehow stumbles on to an unauthorized site.' Willful evasion of blocks for commercial gain, on the other hand ...
Re:Trespassing (Score:4, Informative)
Wait. Time out. What exactly does 3Taps do?
The article states: "3taps drew Craigslist's ire by aggregating and republishing its ads, so Craigslist sent a cease-and-desist letter telling the company not to do that. Craigslist also blocked IP addresses associated with 3taps' systems."
However, a brief glance at their website (unless they changed things that quickly) does not show anything of this sort.
Does anyone have a screenshot from earlier, with the offending material?
3Taps responds (Score:5, Informative)
3Taps responds:
"3taps Statement Regarding craigslist’s Misuse of the CFAA
At craigslist’s urging, a federal court has recently interpreted the Computer Fraud and Abuse Act (CFAA), known as the “worst law in technology,” to apply when an owner of a public website decides that it no longer wants an Internet user accessing its website. The court held that “the statute protects all information on any protected computer accessed ‘without authorization’ and nothing in that language prohibits a computer owner from selectively revoking authorization to access its website.” Order at 12. 3taps is obviously disappointed in the Judge’s ruling and believes that by making public information publicly available on the Internet, without a password, firewall, or other similar restriction, craigslist has authorized, and continues to authorize, everyone to access that information. 3taps believes that the CFAA was meant to protect private and confidential information and that it was never meant to be used to selectively criminalize accessing public websites and obtaining the public information found on those sites. Importantly, the Court noted that the “current broad reach of the CFAA may well have impacts on innovation, competition, and the general ‘openness’ of the internet . . . but it is for Congress to weigh the significance of those consequences and decide whether amendment would be prudent.” Order at 12. 3taps continues to urge Congress to clarify the scope of the CFAA so that companies like craigslist cannot use it as a tool to stifle competition, innovation, and access to public websites.
While we disagree with the Court’s interpretation of the CFAA, we of course respect the Court’s ruling. Accordingly, 3taps will adhere to the current interpretation of the law and will immediately cease all access to craigslist’s servers. (Significantly, 3taps only began accessing craigslist’s servers because, as alleged in 3taps’ antitrust counterclaim, craigslist interfered with 3taps’ ability to source content through general search engines.)
Although craigslist may use the CFAA as currently interpreted to prevent 3taps from accessing its servers, 3taps can continue to function because directly accessing these servers is only one of three ways in which the information in question can be obtained. The other two, crowdsourcing and public search results, require no such access to craigslist’s servers and thus obviate the need to engage in conduct that may implicate the CFAA.
Going forward, 3taps will operate based on its understanding that if it does not access craigslist’s servers, it has a right to collect public information originally posted on craigslist’s website. In particular, 3taps reasserts four fundamental points:
3taps does not now scrape craigslist’s servers, and therefore, cannot be in violation of the CFAA.
3taps' indexing and caching of exchange posting data reduces (rather than increases) the net computing resources expended by craigslist and other publishers to deliver complex search results to end users.
As the Court previously held, craigslist cannot rely on its current Terms of Use to claim the right to enforce copyrights associated with user-generated ads posted on its website.
The United States Patent and Trademark Office recently confirmed that craigslist cannot trademark a peace sign – even if that peace sign is purple. See http://ttabvue.uspto.gov/ttabvue/ttabvue-77956067-EXA-24.pdf [uspto.gov]. 3taps and others cannot be harassed for using the peace sign to indicate where information was sourced.
3taps will hold a public event to demonstrate to any interested party that it is possible (despite assertions to the contrary) to obtain public information on the Internet without reliance on accessing a particular source website. 3taps believes that, by no