Legal Issues

by Mike Masnick


Filed Under:
access, cfaa

Companies:
3taps, craigslist, eff, padmapper



Accessing A Public Website Is Not A Crime, And Craigslist Should Back Away From Its Lawsuit Claiming Such

from the bad-legacy dept

We've written a few times about Craigslist's unfortunate and misguided lawsuit against 3taps and Padmapper, companies which aggregated Craigslist data, allowing others to build useful services on top of Craigslist, driving additional traffic and usage back to Craigslist. It's upsetting on the basic level that Craigslist is attacking companies that make its data more useful, and it's doubly upsetting given that Craigslist itself is generally such a big supporter of basic internet freedoms and good policy online. To see it so aggressively attack some other innovators -- with very broad and dangerous interpretations of both copyright law and the Computer Fraud and Abuse Act (CFAA) is immensely troubling. Perhaps more troubling is that the district court initially bought some of Craigslist's expansive arguments on both fronts (while pushing back on the most extreme arguments). Still, the ruling was dangerous on many levels, and now the EFF (which often works with Craigslist on things) has filed an amicus brief arguing against this dangerous interpretation.

Specifically, the EFF is (quite reasonably) concerned about the court's ruling that said because Craigslist sent a cease and desist letter to 3taps, and 3taps changed its IP address and continued visiting Craigslist's site, that it had violated the CFAA -- even though the website was freely available to the public.
The CFAA does not and should not impose liability on anyone who accesses information publicly available on the Internet. Because the CFAA and Penal Code § 502 imposes both civil and criminal liability, it must be interpreted narrowly. That means information on a publicly accessible website can be accessed by anyone on the Internet without running afoul of criminal computer hacking laws. In the absence of access, as opposed to use, restrictions, Craigslist cannot use these anti-hacking laws to complain when the information it voluntarily broadcasts to the world is accessed, even if it is upset about a competing or complementary business.
EFF points out, both in its blog post and in its filing, how much Craigslist itself benefits from an open internet, and why it's not good that it's now fighting against that very principle.
But benefits to this openness remain and Craigslist itself is a notable example of these benefits. Craigslist provides a popular and wide reaching classified advertising service, allowing people to post mostly free classified ads that can be seen by anyone anywhere in the world without charge. Craigslist claims that 60 million people use Craigslist in the United States each month, that 100 million classified ads are posted each month and that the site receives 50 billion page views per month. It receives 2 million new job postings a month, supports advertisements posted in 13 different languages and has more than 700 local sites in 70 countries. It is one of the 25 most visited websites in the United States.

Craigslist’s enormous success is a result of its openness: anyone anywhere can access any of its websites and obtain information about apartments for rent, new jobs or cars for sale. Its openness means that Craigslist is the go to place on the web for classified ads; it users post on Craigslist because they know their ads will reach the largest audience.

But what Craigslist is trying to do here is to use the CFAA’s provisions to enforce the unilateral determinations it has made concerning access to its website, an Internet site that it has already chosen to open up to the general public, attempting to turn a law against computer hacking into a new tool. But prohibiting access to an otherwise publicly available website is not the type of harm that Congress intended to be proscribed in the CFAA, and nowhere in the legislative history is there any suggestion that the CFAA was drafted to grant website owners such unbridled discretion.
Hopefully the court recognizes the troubles of its earlier ruling, and Craigslist also recognizes the folly of this approach.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Ed C., 21 Jun 2013 @ 8:49am

    I don't know if those sites' use of Craigslist run afoul of the Terms of Service agreement, but most mundane violations are not hacks. If accessing a service that's open to the pubic is "hacking", then accessing a store that's open to the public is "trespassing".

    To put this into a real world context, stores usually have policies that dictate what is or isn't appropriate conduct for their patrons. These include the typical "no shirt, no shoes, no service" policy, or being overly loud or rude to other customers. Even though none of them are inherently illegal, they can get you escorted out by store security all the same. The store can even refuse service to repeat offenders. These are the sorts of things that are akin most the typical website TOS violations.

    However, getting into things that private to an individual or to the company is what crosses the line. Things like digging through a customer's unattended bag or picking the lock on the managers office can get you arrested. Similarly, hacking involves unauthorized access to information or services that are private to an individual or to the company. Things like bypassing an authentication system to access individual email accounts or gaining access to a website's internal database.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.