NY Proposes Mandated Open Access To Social Media APIs
from the protocols-mandated-over-platforms dept
Given just how many terrible state social media laws we keep seeing, it’s nice to finally see one that, conceptually, I agree with, though practically still worry about.
NY state senator Brad Holyman-Sigal has introduced a bill to require social media websites to provide an openly accessible API for others to build on top of. Senate Bill S6686 is definitely the kind of bill that fits with my belief that the world is better when we’re focused on protocols instead of platforms, and that platforms aren’t able to lock-in users and prevent others from building better services on top of the platforms.
So, conceptually, I like the basic idea in the bill, as described by a recent Bloomberg article about it.
New York would require social media platforms to provide free data to apps that allow users to block hateful speech under legislation state lawmakers are expected to consider next year.
Of course, every time this idea comes up, some people worry about potentially bad actors making use of the APIs. In short, the Cambridge Analytica scenario. But the law allows for blocking that access in those cases. The exceptions include:
A social media platform may deny or discontinue any user or authorized representative’s application’s access to the API if:
(a) The social media platform reasonably determines, consistent with access requirements clearly established in its terms and conditions, that allowing a user or authorized representative to connect or remain connected to the API would present an unacceptable level of risk to the security of the social media platform or its users; and
(b) The social media platform makes this determination using objective, verifiable criteria that are applied fairly and consistently across all applications and developers through which users may seek access to the platform; provided that the social media platform must retain records of any decision to restrict API access to any users or authorized representative, including the user, date, time, documented misuses and record of notification of violation.
There’s more in the bill, and it would certainly help companies like Block Party (which we’ve spoken about a few times here on Techdirt) build better tools to help users take more control over their own user experience, rather than relying on the underlying platform. As Bloomberg notes:
Block Party and similar apps allow users to use a variety of criteria to block hate-filled posts, notifications, comments, and other activity before they would have viewed it in their social media feeds.
Such software has thwarted millions of troll comments since Chou founded Block Party in 2021 after becoming the target of online harassment.
At the time, she struck a deal with Twitter to get free access. She said it was a win-win situation that allowed the platform to address harassment without devoting its own financial resources.
“You need third parties who are motivated,” said Chou. “Platforms are just not incentivized to build out that full suite of solutions for end users to control their experience.”
The bill—which would take effect 180 days after getting signed into law—would restore power to people who want to control what messages reach them on social media while leaving others free to say what they want online, according to Chou.
“Really what you’re doing is just giving people more control over what they’re seeing, not curtailing anybody’s ability to speak,” said Chou. “Freedom of speech is not the same thing as freedom of reach.”
In effect this would roll back some aspects of companies like ExTwitter and Reddit trying to restrict access to their APIs and putting up ridiculously expensive paywalls for that access. It would be tearing down walls and enabling more innovation.
That’s… the good side. I’m still not totally convinced this is a good bill, however. My first concern is simply that it’s a state bill. We keep noting that states have little to no authority to regulate social media, which is often run out of state, and the dormant commerce clause issues here are real, even if the intent of the bill is good.
Second, it’s not clear to me that there’s any limiting elements on who this applies to beyond “social media platforms” that do a few things that most social media platforms do. And that raises some concerns about smaller, more directed and targeted sites, which might not really be set up to provide such an API, but under this law might need to do so.
So, I like the concept of the bill, but I’m just not sure New York really has the authority to do this like this, and I worry on the margins about some of the way the bill is written.
Still, it’s way, way better than nearly all the other state bills I see these days about social media.
Filed Under: apis, brad holyman-sigal, new york, open access
Companies: block party
Comments on “NY Proposes Mandated Open Access To Social Media APIs”
Fantastic! Now any comments calling out things like advocating for the genocide of Jews get filtered out.
Calling out bigotry is about to get much, much harder.
Shocking how the creators of these “anti-hate” tools don’t bother to think about how those tools can be used to undermine their stated purpose.
Re:
Explain how.
Re: Re:
Easy – if you can’t see it, you can’t issue “more speech” to counter that bigotry (or other hate speech). In short, the hate mongers will be in much larger echo chambers, with no one to monitor them… possibly excepting law enforcement looking for those who might be planning on dastardly deeds.
Example: You don’t just filter out missives that espouse killing Jews, you actually filter out their source. Done. But without your knowing it, they’ve now shifted focus to include a different target, say LGBTQ+ folks. This one you might be more interested in, presumably for defensive reasons. Yet with the source being blocked, you have no idea. That’s a not a good thing, is it.
For the same reasons as AC, and possibly the same as Mike himself, I’m all for protocols over platforms, but things like this, we should not let the monitoring fall to law enforcement, we should all be monitoring and rebutting hate content wherever we find it.
Re: Re: Re:
And what would you say to me if I said I don’t want to be constantly exposed to hate speech against my will?
API-driven blocklists give users the choice of whether they want to be exposed to hatemongers. It wouldn’t stop any user who has an interest in tracking those hatemongers from doing exactly that.
Re: Re: Re:2
As they say, the devil is in the details. An open API is not the final answer, it’s only the beginning. An incredible amount of computing power will be necessary in order to get the context right. Lacking context, filtering/block-lists will be rudimentary at best.
I give it a minimum of 5 years before society has a viable and useful filtering process, with block-lists that are acceptable to the majority of the populace. But I also predict that just because they are filtered out from the main stream (no ‘right of reach’), the hate-mongers won’t go away for at least 10 to 15 years beyond that period. That’s the part that saddens me the most.
Well, that and the countless court cases that will arise from this paradigm shift. All because we allow people to enter adulthood without any kind of testing to make sure they understand what’s expected of them, and what behavior is not acceptable. That’s the sad part, having to watch yahoos act like children, and then make outlandish claims that they are innocent. (I’m looking at you, #45!)
Re: Re: Re:3
That’s nice.
Precisely none of it answers my question.
Re: Re: Re:3
And we fought a fucking World War to stamp out the the Nazis. And then did everything possible to ensure the Soviet Union did not win.
We still have yet to stamp out those ideas.
Re: Re: Re:3
It’ll take time? Who would have thought?!
It’ll take computing power? Yeah, or just any individual user’s personal settings. Or lots of individuals sharing. Mix and match. You don’t need to divert half a city’s water supply in order to adjust one of the faucets in your home.
Re: Re: Re:2
Why, then, go elsewhere, of course.
Re: Re: Re:
So.
In order to combat hate, we need to give up having ANY semblance of living, just to hunt down hatemongers?
Is that what you want everyone to do? Police everyone’s behavior 24/7?
Look, people have bills to pay, and they have to pee.
Re: Re: Re:
Maybe you could build tools on such forced-open APIs to notify you of every single (bigoted, or whatever criteria) comment every single asshole make on a platform. Better?
Re:
What do you mean? The point of this bill (which is unconstitutional anyway because of the Dormant Commerce Clause) is to allow users to configure what shows up on their personal social media feeds. Someone trying to track hate speech can simply refrain from blocking hate speech.
Re: Re:
Partially true. But two things come to mind:
a) Old habits die hard. To wit, it will become a staple of life that we filter out things that bother us.
b) Most folks won’t want to constantly update their filters, they’ll just subscribe to a third-party service that provides, and presumably automatically updates, a filter set that the user wants. This is a logical extension of the current filters being sent around for AdBlock, AdGuard, UOrigin, etc.
Which is why I said above that monitoring shouldn’t be left to law enforcement. Just as the asswipes of this country feel that have a duty to make us miserable, we all have a duty to ourselves and to society/civilization to keep the hate-mongers at bay. And no amount of tooling will make that easier, I’m pretty sure about that.
Re: Re: Re:
But freedom of speech and freedom of association necessarily include the right of individuals to choose what speech not to listen to and which people they don’t want to associate with, including the use of blocklists and filters, etc.
You’re basically saying that a person who has experienced trauma must be exposed to potential trauma triggers because everyone in society needs to know that there are bad people out there who post trauma triggering content. Not everyone morally must or practically needs to be exposed to such content and you don’t get to dictate to them about what they get to encounter.
You can moralize all you like over their decisions to do so, but you don’t get to tell them that they can’t or try to use government to force them to see it by killing an ability to have that control.
If you want a civilian agency to monitor it instead of law enforcement, fine. But don’t pretend everyone else has to be exposed to content that they would otherwise consciously choose not to see if they knew what it was.
Re:
I) If hate speech is being filtred by most people themn it has little reach or opportunity to spread.
2) How was hate speech tracked pre-Internet, where it was limited to a few pubs and clubs with unsavory reputation, oh and Enoch Powell in public meetings..
Re:
Um. What the fuck are you talking about? That’s not what it means at all.
This comment has been flagged by the community. Click here to show it.
Re: Re:
Uh…
Yeah, of course that’s what it means? (which in this case I have no problem with it, particularly if individuals set their own filters)
I know you’re not a very good critical thinker but c’mon now.
Re: Re: Re:
I am always amazed at your incredibly level of pure stupidity.
Block Party is something you should fucking celebrate. It keeps accounts up and unmoderated. It just puts the power in users hands to say “this person is annoying the fuck out of me and I don’t want to see them any more.”
You are nothing but projection.
This comment has been flagged by the community. Click here to show it.
Re: Re: Re:2
You’re a fucking idiot and reading comp is not your friend.
I never said otherwise. Still VERY CLEARLY enabled the filtering out of hate speech, including genocidal hate speech. (which as I already said, I’m fine with, you moron) Very clearly that’s what it means and you corrected the guy. That’s it’s whole purpose, actually.
Yeah man, I reiterate this point. Are you even paying attention to what you’re writing, or what point you’re trying to argue?
Jesus fuck are you letting Strawb write your replies now? You have failed to comprehend and spoken like a buffoon here on every level.
Re: Re: Re:3
The problem is that you and the OP falsely believed that tools for users to filter what they see was the EQUIVALENT of universal filters that go beyond what a user chooses to see.
That’s what makes your comment so fucking wrong.
Compelled speech? Unconstitutional?
This comment has been flagged by the community. Click here to show it.
How is this different than forcing them not to censor?
You keep on insisting that “it’s a private platform and they can ban who they want.” You keep on insisting “censorship is free speech” (lol, no) and therefore it it’s wrong to force twitter, FB, etc not to ban those users for violating vague and arbitrary TOS.
But you think it’s a GOOD idea to force them to publish APIs, indeed publish content via those APIs?
You have no guiding principle here, a rationale for why it’s OK to force a platform to do one thing but not the other.
You liked the old ideological based censorship. You even seemed to like government involvement in it. You also like API access.
That’s it, that’s the whole thing.
Hey I happen to like API access, too, but at least I have the good grace to realize government trying to force that is fucking nuts.
Re:
Something I have never, ever said. I know you have repeated it so often you THINK it’s true. But I have never said that, nor do I believe it. I understand you’re not very bright, but this is just silly, Matt.
First of all, I didn’t say I supported this bill. I said why this bill has problems.
Second, having a company publish an API is incredibly different from saying they have to host content they don’t want to host. An API is for other services to make use of.
I’m not sure why you think these things are in conflict? Do you not… understand what an API is?
This comment has been flagged by the community. Click here to show it.
Re: Re:
Donkeyshit, you call it “moderation” but it’s the same fucking shit. You don’t just say this, you say it like every week, at least.
Yes, you did. You spoke of how the spirit of it was good but was a state law and the scope is ill-defined yadda yadda, but all your objections are practical. You like it in principle but not in practice. You think the goal is good. I”m here to say if you like it in spirit but not in practice you’re a fucking moron who has no idea how to make logical conclusions based on first principles, legal or otherwise.
No, no it isn’t even a little bit, actually. APIs are arguably themselves content but outgoing APIs absolutely publish content. (they don’t “host”, but they do publish, which is way more important? Nice strawman, I almost didn’t notice. But I’ve begun to realize you make dumb distinctions like that and retreat to them on purpose.)
I work with APIs as part of my dayjob, ya dumb fuck. How do YOU not understand these are in conflict? Other comments on this post seem to get this, most of which are written by lefty ideologues who usually support your bullshit
How the fuck did you come to be writing a tech blog?
Re: Re: Re:
No. This is again where you are wrong and it makes you look like a fucking fool. What I have said is that the right for a private platform to moderate as it sees fit is part of its own 1st Amendment free speech rights. That’s not even remotely controversial.
That is not, as you claim, the same thing as “censorship is free speech.”
Separately, I have argued that recognizing these private property rights helps ENABLE MORE SPEECH because it means there are more sites willing to host more content. If you took that right away, fewer sites would be willing to host more content and the world would have less free speech.
I recognize that to understand these points you have to be able to hold more than a single thought in your head, and that you have shown this is a difficult task for you, but Matthew, I believe that someday you’ll figure it out.
So… you don’t actually understand what APIs are. Gotcha. Thanks for confirming.
Re: Re: Re:
No, they arguably aren’t content. They are inherently content neutral because they’re a means of hosting or publishing or interacting with or displaying or analyzing content. That’s like saying that a VOIP connection is the same as the conversation being had between two people on a phone call.
I wonder if “work with…as a part of my dayjob” is loose wording here where you’re not doing anything with the API except interfacing with it as a user, so you don’t actually understand the backend. If you are actually a developer, then I’d be very concerned for your employer/clients.
What other comments? There are a bunch pointing out that people making comments like yours don’t understand what an API is. An argumentum ad populum isn’t very useful.
Re: Re: Re:
Private censorship IS free speech. By removing or blocking content they make their opinion known. Hence a projection of expression.
How is this not a violation of the 1st Amendment? All of you “no right to free reach” ideologues seem to turn right around when the free reach is something you want. Shocking. Not.
Re:
How is it? This reads like any other accessibility accommodation. It’s not a 1st Amendment violation to mandate that you have designated exits in the event of a fire or a disclaimer saying that your product contains allergens. It’s just an API. You do know what an API is, right?
This claim doesn’t make sense at all. Did you read the article? What is unconstitutional here?
Re: Re:
Requiring an API means requiring that the software underlying a website must be constructed in a certain way. What makes you think that the government has the right to mandate that, given existing legal doctrine that software is speech? A publicly accessible API also means that the owner of the site must give up certain rights and controls over their data. Again, what makes you think that the government has the right to do that? Sites often combine their content with advertising. Making content available via API might allow the advertising to be bypassed. What makes you think that the government has the right to do that?
This is link taxes and free reach on steroids.
Re: Re: Re:
You have it backwards, the system design defines the API, and the proposed law is basically saying make that API public, rather than keeping it private.
This comment has been flagged by the community. Click here to show it.
Re: Re: Re:2
Well THAT isn’t true. The system need not have any APIs (it does tho).
Re: Re: Re:3
What is a social media website? A database software, with a GUI feeding you curated database entries and facilitates navigating the database. What powers that website is an API that makes database queries.
I suppose, Conceptually, deriving from a broad definition of an API as code that allows two programs to communicate, i suppose you might have a bespoke database ‘baked-in’ to the core code, that you could call them the ‘same software’ and therefore the calls into the database wouldn’t be “API” calls, but i’d argue that just because you’ve chosen to fuse the database and the GUI doesn’t mean they aren’t separate pieces of software.
In reality, No software on the scale of social media is written without isolating various discrete components, like isolating the database from the program that displays your feed. You might remember Musk complaining about this for Twitter – ‘The stack’ being the collection of programs that run interdependently to operate twitter. Isolation helps avoid bad calls leading to corruption of the database and more broadly, helps protect against a bug being introduced in one software leading to unexpected behavior in another.
The government doesn’t need to mandate APIs. Best Practices in software development mandate APIs.
Re: Re: Re:
James already covered this well enough, but in general, an API likely already exists for most major social media networks to which this bill would apply. But pretending that mandating a website be constructed a certain way isn’t in the government’s power ignores my example of accessibility legislation. The websites already have APIs by design the same way they have accessibility features. You’d have to claim that the ADA and OSHA are unconstitutional and that’s a non-starter.
The government can mandate accessibility features via the ADA and safety features via OSHA and any number of other features.
An API isn’t speech. It’s an interface protocol. It’s a structure of code that facilitates the viewing and using a website or service. That would be like saying the alphabet is speech. It’s the means of communicating, it’s not communication itself. “Existing legal doctrine” also doesn’t seem to mean much these days and can change on the whim of which judges are overseeing a case.
One might consider this bill to be a statement that the data isn’t theirs in the first place. The EU already recognizes that the data in question belongs to the individuals who generated it and can be deleted on their demand. A reverse question would be, “why do you think the social media platform should own your data?”
The use of advertising to fund a site is a choice of the website. If they choose that model but can’t make it work, it’s not the government’s responsibility to protect them. It’s not the responsibility of users to view advertising either. Ad blockers aren’t illegal. Not watching ads isn’t illegal.
Yeah, it might look like that if you think corporations should have more rights than people.
Re: Re: Re:2
Corporations are one way people choose to organize for a common purpose. The rights of corporations are the rights of the people they comprise.
Re: Re: Re:3
Nope, not at all.
Corporations are proxies for a collection of owners wielding money as “speech” disproportionate to the speech of those without that money, hence a violation of the equal protection clause.
This statement implies that every exploited employee of a corporation necessarily cedes their rights to that of the corporation’s representation of their interests, but the employees are not represented by the corporation, only the shareholders.
But this is an irrelevant topic anyway since a corporation can’t represent the users of a service or platform that the corporation owns. Customers and users (like the employees I mentioned before) do not cede their rights to the stewardship of corporations.
Corporations are just sociopathic proxies for the profit-driven whims of shareholders and corporate officers. They are not at all associated with the constitutional rights of human beings with consciousness or sentience.
This comment has been flagged by the community. Click here to show it.
Re: Re:
Yeah, we all know what an API is. You aren’t thinking about it very well.
IF a law said all tweets had to also be shown in braille, that’d be one thing. Still compelled speech, but of a type we generally recognize as fine.
But mandating an API is a demand to output that content in a format that let’s whoever else do whatever they want with it. (usually comma or tab separated) Including, btw, a Cambridge analytica situation (exceptions in the law for that mean nothing, you’d never know until well after the fact) or maybe just republishing the entire feed ad-free. But it is without question compelled speech.
Re: Re: Re:
It isn’t compelled speech. They’re not forcing platforms to host any speech or content the platforms don’t want to host.
This comment has been flagged by the community. Click here to show it.
Re: Re: Re:2
As I said, you aren’t thinking about it very well.
Re: Re: Re:3
I don’t think I’ve seen you run out of arguments that quickly before.
Re: Re: Re:
A key factor of Section 230 analysis is that the website is not the speaker when the website is not the one putting the information on the website. The ability to moderate comes from freedom of association, not in a claim that the words are the website’s. The information being displayed is not the website’s speech, and displaying it elsewhere is not compelled speech on the website, who still isn’t speaking, nor is the speech any more compelled from the original speaker than when if I had taken and posted a screenshot. Less so, because the original speaker can still delete the original post and have that ripple out to any website using the API.
CAmbridge analytica was not a problem because the API existed, but because the API specifically provided information considered violative of privacy. Cambridge Analytica can still happen without APIs, and you’d never know about it until well after the fact. Nothing has changed there. Limits to a public API are as effective as the current reality.
Re: Re: Re:
I’m not surprised at this coming from you.
Absolutely the final proof that you don’t know what an API is, let alone not knowing how one works. Here, let me clue you in (even though it’ll be a waste of my time, but what the hell, I’ve gotta exercise my fingers daily, so here goes…):
An API is usually called a set of calls, and that’s not too far off the mark. But you’re conflating the results of those calls with a blatant disregard for reality. In the real world, a user accesses a dataset via some form, most often a console, but actually, that’s just the hardware end. Translated into machine language, the hardware ($CON) only sent a set of signals to some other piece of hardware, which for our purposes, is a set of storage blocks. These are the components holding information that we, or at least someone, holds as desirable to not forget.
So now I’ll put that in English – a user requests some piece of information, and a piece of hardware storing that information returned said info back to the user, in a format that the user understands (i.e. a conversion from machine language into a human-readable format). Notice that at no time was anything “revealed” that was not requested. And here’s where our overarching term API comes in – it’s the set of translation rules that either limit/prevent or allow the flow of certain data, according to the criteria set by the programmer’s boss(es). That last sentence is what’s commonly called the business rules. If they aren’t set up correctly, then we get the Cambridge Analytics snafu. If adhered to correctly, we don’t get that level of abuse.
But as in anything else we do, there are trade-offs and compromises. Things will settle out soon enough, and I’d bet that abuses like your doomsday scenario won’t happen more than once, if at all.
Re: Re: Re:2
Let me add something more to the above (same AC here):
In our digitally driven world, we so often forget that the term programmer (or developer, depending on the size of the paycheck) is nothing more than a human being. That includes not only the (alleged) education to become a programmer, but also all the human foibles that go into human behavior.
To wit, there is no such thing as a computer. OHH CRAP, you say. Watch out, Bunky, ’cause your asshole is about to pucker up in a most serious manner.
When you face a person physically, and you communicate with them, you’re exchanging thoughts. They could be ideas, or instructions on doing something, or commands to do something, whatever. Now, let’s interpose a piece of hardware between the two of you. No, not yet… I’m speaking about a telephone (and before that, the telegraph, and before that, the heliograph, etc.) You used the ‘phone to communicate with a person distant from you, so the face-to-face aspect was removed from the conversation, but nonetheless, a meaningful dialog took place.
Now you can fast-forward to the computer. And the analog here is that a human used the computer to store instructions that would allow another human to access some certain data. Often, the instructions could not be changed by anyone else beyond the original author, but the term ‘hacking’ changed all that. (See 2600 Quarterly, if you’re not up to speed on that one.) In any event, you are using a hardware device to communicate with one or more humans at some distant remove, both in time and space. That other human, the one you can’t see, and presumably you don’t know… he or she is still a human. And you still communicated with him or her, even though you used a piece of hardware that let you delay the communication in time, or displace the communication in space (distance). Or both, it doesn’t matter.
And that computer device that so magically allowed all that to happen? It used human-devised API calls to get the job done.
Now you have the full story in both high- and low-level terms. Do with it what you will, but those of us here who already understood these principles will only laugh all the harder at you whenever you spout uneducated drivel like your nonsense above.
Re: Re: Re:2
To add to this extremely informative comment…
These calls are also shaped by the kind of info the creators of said API want to share with whoever is accessing the API.
It is extremely easy to overshare with an API, and most APIs are designed to give what the users critically need and nothing more. Usually, this is for security.
And dormant commerce notwithstanding, wrt 1A, the government is saying “give the public access to APIs that toy can define” is still 1A.
So where’s the government compulsion or coercion? Has the Supreme Court forced social media sites to ACTUALLY allow access to certain kinds of information via the API?
Re: Re: Re:
Your subsequent statements don’t seem to indicate this.
Coming from you, that’s reassuring. I wouldn’t want to think of it in a way you’d agree with.
Use of an alternate alphabet isn’t speech. It’s a means of translation and accessibility. It’s a medium for facilitating speech.
So, no, you didn’t actually read the article. It’s not mandating an API. It’s mandating access to an API that already exists. That’s an important distinction.
It’s not compelled speech. It’s access to the protocols for facilitating access to data, some of the data being speech. And it’s the data that belongs to the individuals who generated it rather than the platform that simply collected it as a matter of the hosting process.
Criminal?
This has to be a sick joke. Mandatory access to private proprietary APIs?
I see no malicious actors jumping in that.
Re:
It doesn’t have to be every single field. Obviously, the government wouldn’t mandate access to private information of users. It’s just calls to a database to retrieve the public information. This already exists by design in many platforms like Mastodon and Lemmy, and previously Twitter and Reddit before they got more hostile to users and developers alike.
And I’m guessing you didn’t read it thoroughly if you think it doesn’t address the scenario in which bad actors can be cut off from access.
Re: Re:
Take it your a FOSS Linux fan and not a freedom to do as thy wilt BSD/Unix user.
Private APIs should never be forced to be given away. Never. A commercial company that creates commercial proprietary code should absolutely never be forced to hand over access to competitors.
Bad actors shouldn’t need to be cut off because there is zero reason to force a company to hand over internal access for any reason in the first place.
Re: Re: Re:
I take it you’re prone to stereotyping people based on limited information. I’m a fan of user rights, regardless of which OS, device, platform, or protocol they choose to use.
We’re talking APIs, not source code. And, again, you’re pretending that the bill does more than it proposes. It’s not open sourcing all code, so fear-mongering over that is silly. It’s giving access to only particular API fields to particular organizations for the purpose of allowing better filtering.
And there is a reason for this, the same way there’s already a reason to force car manufacturers and tractor manufacturers to provide sufficient information to allow users to repair their own devices.
The irony is that the availability of better API access for filtering out the types of content and trolls that drive people from using platforms would actually improve user engagement for the corporations whose well-being you’re so concerned about. This access would basically provide them with free value-added services.
Re: Re: Re:2
Proprietary code that nobody has a right to unless the company decides to grant access.
Period.
If you didn’t write it and the writer or licensors didn’t grant you access you have no right to it and the government has no legal standing. Assuming Cali-wannabe pulls a me too watch the Supreme Court bash them over the head with it.
This is more of a nanny state wasting tax money that has actual real uses. Like the homeless citizens and the ignored veterans, the poor. Instead watch this cause a quick tax increase somewhere when the state winds up defending it…
Assuming there’s enough people to pass this nonsense.
Let me reiterate, bad actors wouldn’t need to be cut off if the state didn’t try to force companies to turn over proprietary code that was paid for by the company, worked on by the company, and maintained by the company. Show me where, anywhere in federal law history, where a state has a rights to unilaterally change restrictions of private code by a private company.
Oh, and stereotypes don’t exist from nowhere (a funny film that was too). You didn’t deny it.
Only true communists and FOSS diehards would support ripping away control of corporate works from the company that created it.
Re: Re: Re:3
Again, it’s an API, the function of which is the interface with the platform. Saying nobody has a right to it is like saying you’re not allowed to look into a transparent shop window. If you don’t want people to look, you don’t write an API in the first place!
The licensors necessarily granted you access by letting their code run on your device. Hell, the company that wrote or commissioned or licensed the software often sells you the device running the code.
This is bullshit fear-mongering. Giving people back rights they already had (right to repair, right to tinker, right to modify your own property) isn’t a nanny state activity. And the corporations who you’re shilling for are the ones helping to make the homeless, the veterans, and the poor all worse off. They’re the ones lobbying for their own interests instead of those of these groups you’re disingenuously evoking to support a pro-corporate, pro-owner stance. “The poor would prefer corporations made more profits! Think of the poor!” GTFO with this bullshit.
The other reason this disingenuous stance is bullshit is that solutions to societal problems aren’t often mutually exclusive. We can open access to APIs and help the homeless, the veterans, and the poor at the same time! You’re trying to create a false dilemma where it’s one or the other. It’s not.
Again, we’re talking about APIs, not source code. You’re pretending like all code is the same.
It’s federal, not state, but accessibility standards for one. The government has a right to demand corporations use code that is accesible to the sight impaired, to the deaf, etc. The federal government has also regulated cryptography exportations, which included removing code in devices that got exported. There are probably a bunch of other examples I’m not thinking of in the moment.
That you keep coming up with these false generalizations about code and don’t seem to already know the history of government influence on code indicates to me that you don’t know much about what you’re talking about. You just sound like a shill trying to advocate for corporate interests.
Another disingenuous tactic. Concluding that a lack of denial is an affirmation is weak logic. I tried to dispel you of a false dilemma due to your apparent lack of exposure to a variety of tech people, but apparently you didn’t catch on that the world is more varied than your limited imagination or experience. I’m not a FOSS Linux fan, though the concept is a good one. Linux just isn’t the only useful OS or (kernal if you want to get technical, which you don’t seem to). I’m also not a communist, but that’s a cute little cold war insult that hasn’t been useful for a few decades except for conservative fear-mongering tactics. As I said before, “I’m a fan of user rights, regardless of which OS, device, platform, or protocol they choose to use.”
It’s also blatantly false that “only true communists and FOSS diehards would support ripping away control of corporate works from the company that created it.” First of all, once again, we’re talking APIs, not source code, but there’s already strong support from people of a variety of backgrounds and ideologies for greater user control over code that runs on their own devices. I rarely agree with right wing “libertarians,” but I’ve discussions with some of them and they’ve advocated for getting access to the code running on their own devices as well. Are you not familiar with all the efforts of people running rooted versions of their phone OSs or hell, just pirating Windows, or hacking devices to repair them? There were people hacking ventilators during the pandemic to get them working. But sure, that must have only been FOSS diehards and communists…
Hell no. You have the right to modify any software that runs on any device you own, within limits of safety. For instance, you shouldn’t be allowed to fuck with your car’s emissions monitoring software in order to dodge an emissions regulation, but you should definitely be able to go in and remove code that phones home with information the manufacturer doesn’t need nor has a right to, like text messages sent via connected mobile devices. If you don’t have root, you don’t own it. If you don’t own it, then why are we paying so much for storing other people’s property? Because corporations can make bigger profits. Which you seem to be in favor of.
Re: Re: Re:4
Removing the company’s choice is the equivalent of saying you can’t use curtains or shutters.
And should have the ability to end that grant as they see fit.
Potentially. And the creators have the right to decide how such APIs are used.
This is tantamount to forcing public domain. And if NY passes this, the lawsuit will come quickly, and the state will likely loose. How much tax money do you expect will be used to defend this bill?
Yes. An interface that can be used to access an application indirectly. Again, it was created for a specific use. What right does the government have to rip away the restrictions of the creators?!
Wrong, they have the legal ability (not necessarily an honest right) to force companies to make alternative use access for such people. Not force modification of the current.
Which I completely disagree with.
Created interests. People who create should have the right to dictate terms for using the creation. If JD doesn’t want you fixing the tractor sell it and buy a Cub Cadet or Ford or etc. mind you nobody is blocking you from fixing your tractors. Only from accessing official parts yourself and blocking warranty work.
If I attempt repair and it fails it’s on me. I won’t request a warranty fix after the fact. If you open it, you are responsible.
Root is not ripping away control, it’s an inherent part of using the OS. If you root and damage occurs, it’s your own fault.
The debate is on if rooting a device should void unrelated hardware warranty, and I’m with the majority saying no. But if a company doesn’t grant root access and you root the device anyway, you become responsible for the device alone. That’s the way it works. If you don’t want that restriction, but a device that offers root.
I have multiple side loaded apps in my iPhone and iPad. No jailbreak needed. If something goes wrong I alone am responsible for that decision.
And we can fight it out on GPL vs BSD et al all day long. A licence that restricts what you can do as a derivative is by its very nature restrictive. Generally I adhere to IDGAF (see FF and the now outdated CCCP libraries for the documentation on some of my work). In a pinch I will less than happily defer to a modified BSD or Apache type.
But the author has the right (outside of forced stripping of freedom) to set their license for use as they wish.
Criminal scum
Once you do, you take over responsibility for the device alone.
And as soon as you do you loose the right to demand a company response. You seem to miss that point. It’s not an issue of freedom in these situations. It’s about freeing the creators from responsibility for user actions. If you hack windows, Microsoft absolutely should be allowed to stop updating it.
Which is a very different concept than the government’s forcing opening access to controlled software.
Re: Re: Re:5
It’s more like removing the company’s choice as to whether they should install a wheel chair ramp or not. Companies don’t have infinite rights in how to design their storefronts or their software.
Yes, they can stop allowing you access to the platform. They can ban your account. But while they grant you access, there is necessary access that they must provide you for the platform to even be functional. Often that takes the form of access to an API.
The creators are usually devs who produced work for hire code that belongs to the owners, not the creators. But again, corporations aren’t able to just conduct business however they like. They are subject to the laws of the places where they operate.
Again, you clearly didn’t read the bill.
Probably less than what states like Florida, Texas, and Tennessee waste defending blatantly unconstitutional bills that attack LGBTQ people. I’d actually be more interested in this being a federal law than a state law. But it would probably get struck down at the federal level because SCOTUS is predominantly conservative at the moment and they seem to love siding with corporations over the interests of people.
“This car was made to mow down pedestrians. What right does the government tell the company to remove the pedestrian targeting system?!?”
The government retains the ability to regulate companies and the products and services they provide to the public. We literally have multiple regulatory agencies whose job it is to do just that: FDA, FCC, FEC, EPA, etc.
This is just a subjective statement. Believe what you want. It doesn’t change what is functionally possible. It doesn’t change what rights users retain.
Congratulations. Your disagreement doesn’t change reality. It’s still an example that disproves your claims.
The people dictating the terms aren’t necessarily creators. But this is irrelevant.
Users of software and services have rights also. The rights of owners and service providers aren’t infinite.
They literally are.
That’s literally the same thing.
A repair is less likely to fail if you have access to the software running on the device. John Deere isn’t even letting them get that far. So you’re even advocating for more access than John Deere wants to provide.
Having root may go against the wishes of the owners (not creators as you keep saying) as much as accessing the API might go against their wishes.
That’s not what we’re debating right now at all.
It’s significantly different to get root that the owners don’t want you to have than it is to get root that is simply made slightly more complicated to get to for the sake of ensuring only power users and technicians use it.
The point isn’t about whether it’s legal or ethical. People do it. Not all of them are communists or FOSS Linux fans. Your contempt for “criminal scum” also rings hollow when you’re shilling for corporations who steal more value from workers and customers than any random individual pirating a copy of a Windows does.
Non sequitur. The point of mentioning this was to point out your short-sighted accusations about who might be interested in API access. Spoiler alert: It’s a lot of people, not just your cold war area boogeymen or some FOSS enthusiasts that you think are few in number.
Except we’re talking about getting access to the API, which many companies are already prone to provide. It’s not hacking.
No, not really at all. You’re inventing a distinction without a functional difference. Again, you need to read the bill.
Re: Re: Re:6
Not at all. Anyone can come along and fashion a replacement piece. What you loose is any proprietary intellectual property (software).
As a tinkerer, I’d argue much of that can be bypassed with analogue components anyway.
I can rip the seat out of a heater locked BMW and replace it with a custom seat. I can rip the mower deck out of a cub cadet ig and replace it with a manual controlled one. I can remove the screen from the smart fridge and still have a fridge. Or swap it with another company’s tablet and my own code.
I have no experience with this company. But I have bypassed software on CFI (dodge, Chrysler), Ford, and BMW vehicles. Changing compression and gear timings. The owners well aware that it likely voids warranty.
And should void the warranty on all software and firmware related issues.
Just like I always say Apple should not be responsible for the damage a user makes to their screen when repairing their phone. But generally, I don’t disagree completely on voiding out a warranty for unauthorised access. But I don’t completely agree either.
You brought it up.
Not really. It’s more difficult, but it’s still part of the OS that two of the three largest platforms today use. Android is Linux and a key part of using Linux is root management.
iOS is BSD and root is an inherent part of the platform.
They can make it easy, or difficult, but not impossible.
If they bar access and you gain access anyway, you did in violation of the warranty. They can ignore, refuse repair, or even cut you off from further service.
Just because the law gives you the right doesn’t mean the company is going to bend over for you backwards.
Yes, I agree that companies should be bound to ask permission for data use. Despite my tracking on opt in preference to help companies that supply me with services, and my dislike of freeloading (eg advert blockers, piracy), I still agree that customers should have a choice to be scum if they wish.
I’ll take the time to read the bill later. It’s possible the inflammatory writeup mislead me as to the intention.
But as it stands now I don’t believe a company should be forced to hand over access to anything they don’t wish to hand over access to.
And if a user chooses to gain access anyway, the company has the right to cut them off, even completely. From service, from support, from updates.
Re: Re: Re:6 Wow, worse than I thought
Apparently it’s worse than I thought. I was expecting another post-X interoperability bill. The democrat’s theatre play for the tiny percentage of X users (the near totality of which are us Democrats) that left X and wanting to merge their proprietary x/Twitter data with another competing service.
Instead of turning over access to existing software, they are being required to create new software. (Congrats on killing user hosted Mastodon like stuff).
Most states have laws that require the majority of this information be made available to users. Now NY is forcing a company to create a new method for accessing this information already made available.
I don’t see where the state is going to pay for the creation of a new api to allow access to information that users can already request access to.
Re: Re: Re:7
The software is a part of the product.
Well, you’re in the wrong business then because you could be making bank telling the farmers how to solve all their easy problems that may be costing them billions of dollars.
I didn’t bring up voiding warranties at all. That was you. I brought up that people wanted root as an example that not everyone who wants greater access is a “communist or a FOSS Linux Fan” as you put it in such a silly and shortsighted manner. Farmers wanting access to the code running on their expensive vehicles is neither communism nor FOSS Linux fandom. Neither is a Windows user using an unauthorized copy. You got off on this warranty tangent as if it’s relevant. This seems to be a result of your Mac enthusiasm.
The companies are often freeloading and taking unearned profit and value from users. Weird how you only call out users.
You could have saved a lot of time by just waiting to know what you were talking about.
That would kill subpoenas and law enforcement investigations, civil lawsuit discovery, compliance with regulatory agencies, etc.
Users wouldn’t have to gain access anyway if the company released the access in the first place.
Many of the social media platforms that this bill would affect already have APIs, so no, they’re not being required to create new software per se.
Okay, even when you read a bill, you don’t even read the bill.
“This article does not apply to social media companies generating less than 100 million dollars in gross revenue in the preceding calendar year or to services where user interactions are limited to direct message, commercial transactions or reviews.”
Mastodon doesn’t make more than 100 million in gross revenue a year. Mastodon is also defederated, so each instance would be considered it’s own platform. And Mastodon is already in compliance because it already provides access to its API.
We’re talking about API access, not just information provided in a report to users.
Okay, I take it back. You shouldn’t read the bill. Apparently you can’t understand it even if you do try to read it.
Re: Re: Re:8
Software can be replaced. Or have you never heard of alternative firmware? Etc.
The pushback by (many) companies is repair requirements after people botch repairs. If you break your phone or brick your tractor doing your own tinkering companies don’t want to be (and I don’t think they should be) responsible for free repair of consumer ignorance.
Freeloading? Companies make money. Money pays for further development.
Unearned? Only from people who don’t read what they agree to. You had the text in front of you. You agreed to it.
Clearly you require exact text so I will add “beyond the confines of criminal investigation with a proper warrant or court order”.
We can argue about selling support vs software. I’d generally be in agree with you. But if a company does not want to make their software open access, they have that right. And you have other choices. You can violate your agreement and (rightfully) lose support, or use a different company.
It would likely need to be modified to fit the requirements of the bill.
I did say “like”. A comparison.
That’s my point. Most, if not all, of this information is already available to users. Why should the company be forced to further grant access to proprietary methods of gathering what they already have access to? Access that immediately creates a new security concern?
They likely have to modify the code to grant external access. They then need to monitor that access to watch for bad actors who previously were not a concern before new forced internal access was forced upon them.
Re: Re: Re:9
Yes, but the replaced parts aren’t parts of the product you paid for. You paid for the software being in the product to make it function as expected.
And that’s a great excuse to prevent people from getting access to the code that runs on their own property. That doesn’t mean it’s a legitimate reason.
What they spend ill-gotten money on doesn’t change how they came about it.
Click through agreements still can contain unconscionable clauses. This is a topic where you could do some more research. But that’s also not the only way corporations make unearned profits.
No, not always.
Not everyone can afford other choices or have the skills to engage other choices. You’re saying that only the skilled and the privileged should benefit from other choices instead of expecting corporations to support their products.
Yes, the same way companies have to edit code to make interfaces comply with accessibility standards.
Except it wouldn’t actually do that. User hosted Mastodon doesn’t make 100 million a year. Like I said, you didn’t read the bill.
Except it’s not available in a useful format accessible by an API, which is the entire point of this.
It wouldn’t create new security concerns. They wouldn’t grant access to everything. Again, you didn’t read the bill.
They will know who is accessing the API. Again, and again, read the bill!
Re: Re: Re:10
I read the bill. I disagree with it. I believe in the right to repair, but also believe in the right of a company to not further support modified or self-repaired items.
If you want to be safe you stay in the box. If you go outside the box you do so without support.
Here, a company supplies information to the user already. I see no reason to force a company to change how it supplies that information. You agreed to receive that information in that form when you signed up.
If you don’t like the click through statement, don’t use it.
Re: Re: Re:2
You have no right to software. You (should) have the right to replace the part with the same or an alternative of your choosing but you (should never) have the right to modify proprietary software without the controllers express permission.