Does A 27-Second Video Showing How To 'Hack' The NYT Paywall Violate The DMCA?

from the it-certainly-might... dept

We’ve discussed many times just how easy it is to get around the NY Times’ paywall. I’ve never run up against it because I don’t have javascript enabled, and the whole system is javascript based. We have wondered, however, if doing this is technically a violation of the DMCA — specifically the anti-circumvention clause. After all, I am circumventing technical protection measures. That I have javascript automatically turned off for all sites doesn’t much matter.

Of course, now that the paywalls been out for a while, people are finding even more ways to get around the paywall, including merely removing the string at the end of the URL. This is so simple, that someone made a 27-second video showing people how to “hack” the NY Times paywall:

Of course, I’m wondering if just this video alone violates the DMCA’s anti-circumvention clause. Section 1201 of the DMCA says (in part): “No person shall… offer to the public… any technology, product, service, device, component or part thereof, that is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title.” Is putting up a video that shows an incredibly easy way to get around the NY Times protection measures a violation?

Filed Under: , , ,
Companies: ny times

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Does A 27-Second Video Showing How To 'Hack' The NYT Paywall Violate The DMCA?”

Subscribe: RSS Leave a comment
57 Comments
Jason says:

Re: Re:

Well, the courts have already ruled that “effectively” here does not mean a measure of how effective the control is, but rather as a designation of *that which effects* the control.

However, I wonder if this might be a case where you’ve got a locked door standing alone without any walls.

Richard (profile) says:

Re: Re: Re:

Well, the courts have already ruled that “effectively” here does not mean a measure of how effective the control is

The word is common to thte laws in several different countries (it is in an international treaty) and I believe that in some countries it has been interpreted to exclude “ineffective” measures.

Cowardly Anon says:

I don’t think that turning off javascript would violate DMCA. My reasoning behind this is that you have a right to allow or deny any application that runs on your computer. Saying that turning javascript off would be like saying you can’t run a personal firewall application b/c you can deny any applications access to the internet. Just seems stupid to me.

I almost feel sorry for the NYT. They didn’t get what they paid for in this case. There are just so many things wrong with this model that it isn’t even doomed to fail…it’s just made of fail. It’s like they are the QWOP athlete in the 100m dash.

Cowardly Anon says:

Re: Re: Re:

Writing a hack to get around a closed system is not the same a choosing not to run code given by a third party on my hardware.

Case in point: I have a ps3. It is not connected to the internet. I choose not to run Sony’s firmware on my system.

At such a point when I can’t play a game I want to, I will have to make the choice to run Sony’s firmware update or crack my system.

But, until I actually run the code to crack my system, you can’t say I’m violating DMCA.

Choosing not to run javascript is the same thing. I have not cracked or hacked the system, I have just chosen not to run code from a third party.

Anonymous Coward says:

Re: Re: Re: Re:

You’re splitting hairs. I doubt any court would find your argument convincing. By the same token, I could legally bypass the DRM on video games and movies I have purchased by saying I simply declined to run the code that enforced the control. In some cases this can be done with the same ease as disabling javascript. Selectively bypassing parts of a package when those parts have been designed to restrict access to parts of that package is precisely what the DMCA disallows.

You’re also making an artificial distinction between “running the code to crack something” and “declining to run something”. Disabling javascript runs code that alters the flow of your browser. “Running a hack” could be as simple as a few instructions to set EAX to 0 at one point. You think that you are “running code” in one instance, and “not running code” in another, but that’s not correct. And if your distinction were correct, it would still be irrelevant because the US courts haven’t recognized such distinctions as relevant.

Niall (profile) says:

Re: Re: Re:2 Re:

The difference is that Javascript is a (default) add-on to your browser, one which you may choose not to engage. And good luck finding a browser that doesn’t already have it as part of it (now, what happens if you code a browser without Javascript?) That’s not the same as installing/downloading/actively actioning a program that removes/suppresses existing DRM.

Fun thought: Make your on-site DRM Flash-based. Then SUE those iFanboi devices for bypassing it!

DogBreath says:

Re: Re: Re:2 Re:

If some website uses javascript to enforce their “viewing protection” but you can still view the pages without JavaScript, that is a fail on their part, not on yours. Otherwise the NoScript add-on in Firefox is in violation of the DMCA (as it allows selective running or disallowing of various javascripts) and is a circumvention device and must be taken down (can’t wait for DHS and ICE to seize their domain).

Next, it will be illegal to block ads because of the advertisers First Amendment rights being violated, and the AdBlock plugin will have to go. That will known as the day the internet died.

Anonymous Coward says:

Everyone pretty much knows that these laws are a joke written by big corporations. Even the government now seems to be realizing it and the corporations don’t seem to be doing as much to go after those who violate them because doing such is not effective and only makes the corporations look like jerks. It’s a PR nightmare for them.

What the government needs to do is pass a law that gives the corporations everything they want while making it the law that they do not look like jerks and that they are not jerks. That way no one would think of them as jerks every time they act like jerks and they can go on about acting like jerks without the negative PR involved.

Also, presidential elections are coming up somewhat soon and the government (and the courts) often pretends to act more consumer friendly around this time. After presidential elections are over, they will go back to acting like jerks again. It’s why we need shorter election cycles.

Anonymous Coward says:

Re: Re: Re:

The problem here is that with how much time money and work going into those elections, when would the president actually get the time to do his job if he gets one year (adjustment period) and then one more year where hes only working half the time and campaigning the other half.

Anonymous Coward says:

Re: Re: Re: Re:

You should not be allowed to use any money to run for president. The president should stand on his or her two feet alone. Why not hold a series of debates/ conferences where anyone who wanted to be (and qualified to be) president could join the conversation? This would level the playing field and allow the person with the best ideas and character to be elected versus the person with the most $$$.

Niall (profile) says:

Re: Re: Re:2 Re:

It is quite scary how much money you need to run for President in the US. I guess it’s true in France, Italy etc as well though.

How that compares with an essentially unelected leader like we have in Britain, I’m not sure.

(For information, the only people who get to vote on who is the Prime Minister are the members of his/her constituency and members of his/her political party.)

Anonymous Coward says:

Does it violate DMCA? It does. None of the actions inside of it, performed by an individual would be considered illegal (you can turn off javascript if you like good luck enjoying the last 20% of the internet that doesn’t need it). However, showing people how to perform those acts *in context of this website* could be considered illegal.

More than anything, it shows the NYT firewall to be ineffective, and shows the video poster to by a whiny child who doesn’t understand what it means when someone says “you are not welcome”.

Rekrul says:

Re: Re:

(you can turn off javascript if you like good luck enjoying the last 20% of the internet that doesn’t need it)

A large majority of sites work just fine with Javascript disabled. In most cases, it’s only used for ads and non-critical, incidental things, like the voting buttons on posts here, or hiding posts that have been flagged as spam.

In most cases, turning it off makes the page load much faster. And in a few cases, disabling it will get rid of annoying “features”, like the IMDb’s auto-complete suggestions for the search box, which sends you to the last thing the mouse touched, rather than what you typed.

el_segfaulto (profile) says:

Re: Re:

JavaScript has been abused far beyond its original intention. It is used as a malware vector and as a means to track web usage.

Anybody who makes a site that breaks with JavaScript disabled has no business designing anything for the web. I use JavaScript (with jQuery) and every site I’ve ever developed gracefully degrades if JavaScript is disabled with a friendly banner informing the user that for the full experience it should be disabled as well as a link to a page describing what the script does and does not do. And that is how you do it right.

G Thompson (profile) says:

Re: Re:

Actually that is not correct.

Javascript is what is classified as a client side application. ie: It ONLY runs on the viewing computer after the server has sent a request to it to do something.

It is run at the whim of the owner of the client, NOT at the request or legal ability of the owner of the server. In fact the servers owner has no legal obligation to make you use it to visit their site since if they do force you under the duress of quoting the DMCA or other torts they very much could be liable under the criminal sanctions of the Computer Fraud and Abuse Act.

Whether yourself or the NYT like it or not it is the owner of the computer who states what is run or not on their own system, and more specifically what has authority to access or not.

I can guarantee you (since this has happened once) if some organisation tries to access or run some programme/script on my computer which I have not given them the legal authority to, then that organisation will be in for a very nasty shock when criminal warrants are served on them.

As for this video, It shows people how to legally disallow authority to the NYT on their system and therefore is not showing circumvention of anything, especially when circumvention implies the bypassing of something fully controlled by someone else, in this case the NYT, which is incorrect.

Rekrul says:

This reminds me of the time years ago, when I discovered that a subscription based adult site’s only protection was that non-members weren’t shown the URL to the paid content. The samples on the front page were linked to files in the members section, so it was a simple matter to copy the URL and delete the filename in order to access the raw directory listing. At which point, you had access to anything on the site for free. πŸ™‚

Anonymous Coward says:

Would you trust them with your credit cards?

If they can’t protect their own content, how do they expect customers to believe they’ll protect consumer information? Do we have any clue how secure their subscriber information is?

What does poor security of their own content do to the NY Times reputation for security overall?

The Devil's Coachman (profile) says:

Re: Would you trust them with your credit cards?

Like most businesses, they don’t really think computer security has much ROI, so why would they spend money on it? Having been in IT for over 40 years, I think I can speak with some authority on this. The pointy-haired boss is the norm, and the exceptions to that are rare, and they are usually hunted down and punished or laid off for having the temerity to suggest that spending funds on anything that does not produce immediate and huge profit is foolish and shows poor business sense. Plus, it has a negative impact on the executive bonus pool.

el_segfaulto (profile) says:

This! A million times this! I’m all for helping to support sites and I do turn AdBlock off for Techdirt. But for the love of all that is holy, do we need all these idiotic widgets? Using Firebug (a must have for any developer) you’ll find that the page size is 758 KB (for this article as of 8:18 PST) and the page load time is 24.14 seconds. This is completely unacceptable and the reason why Techdirt has JavaScript all but disabled on my browser.

G Thompson (profile) says:

Re: Re:

Wow.. I’m getting
Documents (5 files) 15 KB (123 KB uncompressed)
Images (43 files) 54 KB
Objects (1 file) 180 KB
Scripts (27 files) 239 KB (511 KB uncompressed)
Style Sheets (7 files) 51 KB (84 KB uncompressed)
Total 538 KB (952 KB uncompressed)

and I have ads turned off totally, Its the scripts and 1 object (flash swf file of some weirdness) that makes this site very slow sometimes.

out_of_the_blue says:

Techdirt has at least 13 sites running about 36 scripts,

by my quick count. Then, if finds the noscript extension, still rats you out to be counted by “b.scorecardresearch.com”. (I’ve long had the latter in my hosts file.) So while /appearing/ to be a libertarian, Mike is in fact a /commercialist/; I don’t find that either honest or in the long term interest of maintaining freedom. He sells himself — and YOU too if you let him — every day.

If only to deny these commercial entities information that they — or some /national/ spy agency — will eventually use against you, everyone should use Noscript and a hosts file. It’s not merely that you’ve nothing to hide, it’s just plain none of their business. They’re only /looking/ for ways to annoy you at best, and the possibilites of /doing evil/ are enormous. By selling your personal data to whoever (last I heard Google gets $25 for it), they get around what’s left of the 4th amendment. — And most are again saying so what? Well, the full explanation is in Orwell’s “1984”. The goal is to spy on everyone /all/ the time, because that’s what gov’ts /like/ to do, and along with bank and credit card reporting, it means TOTAL CONTROL. — Just say no now while you still can.

As for sites that require javascript, with Noscript it takes only right click and allow. — BUT there’s a poison pill even in Noscript, as it comes set to allow the worst offenders access on every site: you should remove its entire white list.

BeeAitch (profile) says:

Re: Techdirt has at least 13 sites running about 36 scripts,

“So while /appearing/ to be a libertarian, Mike is in fact a /commercialist/; I don’t find that either honest or in the long term interest of maintaining freedom. He sells himself — and YOU too if you let him — every day.”

I, for one, am glad that Mike makes enough money (off of me and other techdirt readers) to keep this site going. Keep up the good work Mike!

As for you, if you don’t like it, don’t visit the site. You won’t be missed.

Jose_X (profile) says:

Re: First ammendment

“No person shall… offer to the public… any technology, product, service, device, component or part thereof, that is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title.”

My interpretation is that “products” and the rest would not include speech as clearly would be a website.

Overcast (profile) says:

I set the browser to delete cookies on close and have never had a problem accessing as much of the NYTs as I want. Is deleting cookies a violation of the DMCA?

Probably.

But all these IP and supposed ‘protection’ laws being put in are just to make sure we are ALL guilty of something – all the time. It’s the only easy way to run a police state, like our ‘leaders’ endeavor to do.

Overcast (profile) says:

You should not be allowed to use any money to run for president. The president should stand on his or her two feet alone. Why not hold a series of debates/ conferences where anyone who wanted to be (and qualified to be) president could join the conversation? This would level the playing field and allow the person with the best ideas and character to be elected versus the person with the most $$$.


The BIG problem is that politicians give grants and tax-exemptions to various organizations and companies. Then those SAME organizations/companies turn around and *fund their campaigns*.

It’s basically just money laundering, but since they are ‘good organizations’ with their parasitic politicians protecting them, the justice department could care less.

So much for the ‘rule of law’ in the formerly United States of America – now known as the Tyrannical States of America, or TSA for short.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop Β»

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...