Violating Website ToS is Not a Crime

FrgMstr

FrgMstr

Just Plain Mean
Staff member
Joined
May 18, 1997
Messages
55,602
This actually all stems from the Oracle v. Rimini case filed ack in 2012. Rimini is actually an Oracle competitor on some fronts, and was using scripts to download documents on Oracle's servers that are offered up to Oracle users for support. Oracle's complaint boils down to the Rimini auto-download script being used. Oracle wanted Rimini to click on each document and download manually. Rimini is also reported part of another suit in which it downloaded a car.

This decision shores up the good precedent from 2012 and makes clear—if it wasn’t clear already—that violating a corporate computer use policy is not a crime.

Good news out of the Ninth Circuit: the federal court of appeals heeded EFF’s advice and rejected an attempt by Oracle to hold a company criminally liable for accessing Oracle’s website in a manner it didn’t like. The court ruled back in 2012 that merely violating a website’s terms of use is not a crime under the federal computer crime statute, the Computer Fraud and Abuse Act. But some companies, like Oracle, turned to state computer crime statutes—in this case, California and Nevada—to enforce their computer use preferences.
 
Yet an ToS or EULA can be used in court as proof as someone agrees to them or not.

Remember that mother whose child was sued by EPIC Games? One of the arguments, if I recall correctly, was about the ToS or EULA.
 
Everyone would download a car. You'd better believe when someone comes out with a 3d printer that can fully print cars, lots of people will get them and download designs of exact copies.

It shouldn't even go to court. A company's policy is not law. That doesn't change if it's a terms of service agreement or anything else.

If someone violates your terms of service, you stop providing them with service. That's all you can do. To think that it's been muddled around so badly that they thing it's enforceable by law is nuts.
 
I'm torn on this one.

Sure, if you make something public on a website, it ought to be public but this is only going to encourage and make the problem of data harvesting assholes worse.
 
Rulings like this literally flip flop depending on the judge the judge they are in front of on a regular basis. Everytime we gain some ground, we lose a ton.
 
The 9th circuit actually got a case right? I'm shocked. :eek:

I'm sure this will be overturned on appeal just like most their decisions.
 
Tiberian said:
The entire "You wouldn't download a car..." meme was funny for like 3 seconds years ago when it first appeared, but since then, yes, yes I would download a car:

Click to expand...


link to torrent? I think my school allows free use of the 3D printer for students.
 
nutzo said:
The 9th circuit actually got a case right? I'm shocked. :eek:

I'm sure this will be overturned on appeal just like most their decisions.
Click to expand...

While 80% of the 175 cases that went to the Supreme Court from the 9th Circuit between 1999 and 2008 were overturned (this is believed to be the source of the number quoted by several news agencies and the president), 114,199 cases from the 9th Circuit were appealed to the supreme court, meaning less than 0.12% of 9th Circuit cases were overturned within that timeframe. (The DC Circuit actually has more of its findings appealed than the 9th.) Generally speaking, SCOTUS doesn't take on appeals it deems without merit and therefore overturns a lot of the findings it chooses to hear. It's true that the 9th circuit has the highest percentage of appeals heard to cases overturned (except for the federal circuit which is a different animal) but it's not first by a large margin and we're talking numbers less than 0.2% total across all Circuits here.

It's also a pretty heavy oversimplification when the headline asks "Is Violating TOS a Crime?" The real question at issue here was, "Is using automation and tools not permitted by our TOS a violation of the CFAA?" Rimini was using a script to mass download documentation, which might have, under the wording of the CFAA and your definition of the word "unauthorized", been a violation. I don't agree on the simple principle that allowing corporations to choose based on fiat what access is criminal or not is generally a bad idea, but that would be a fault in the law, not the courts.
 
Last edited:
sirnephilim said:
While 80% of the 175 cases that went to the Supreme Court from the 9th Circuit between 1999 and 2008 were overturned (this is believed to be the source of the number quoted by several news agencies and the president), 114,199 cases from the 9th Circuit were appealed to the supreme court, meaning less than 0.12% of 9th Circuit cases were overturned within that timeframe. (The DC Circuit actually has more of its findings appealed than the 9th.) Generally speaking, SCOTUS doesn't take on appeals it deems without merit and therefore overturns a lot of the findings it chooses to hear. It's true that the 9th circuit has the highest percentage of appeals heard to cases overturned (except for the federal circuit which is a different animal) but it's not first by a large margin and we're talking numbers less than 0.2% total across all Circuits here.

It's also a pretty heavy oversimplification when the headline asks "Is Violating TOS a Crime?" The real question at issue here was, "Is using automation and tools not permitted by our TOS a violation of the CFAA?" Rimini was using a script to mass download documentation, which might have, under the wording of the CFAA and your definition of the word "unauthorized", been a violation. I don't agree on the simple principle that allowing corporations to choose based on fiat what access is criminal or not is generally a bad idea, but that would be a fault in the law, not the courts.
Click to expand...
Technically if your website is pubic, you've already authorized use of it. Trying to control how people use it, whether it's automation or saving copies or whatever is already beyond the point of CFAA. It was meant for authorization of access, such as in private data behind a password or some other locking mechanism.
 
Gigus Fire said:
Technically if your website is pubic, you've already authorized use of it. Trying to control how people use it, whether it's automation or saving copies or whatever is already beyond the point of CFAA. It was meant for authorization of access, such as in private data behind a password or some other locking mechanism.
Click to expand...

Oracle's docs are behind a login, which mostly fits the definition of private. (Trust me, my not having the company login for Oracle has led to no end of bureaucratic nonsense when it comes to fixing problems in my professional capacity.) That said, if one has "general" access to a site, with or without a login, I would say it would be on the site owner to limit access. It's almost ridiculously simple to limit the number of page requests from a single login. Heck, I've tried to archive webcomics for offline reading and have had to set HTTrack to an extremely slow rate to do it and that's not even behind a login page.

And I was actually (intentionally) off base with the CFAA bit. The most recent finding, independent of the 2012 ruling, was that this ridiculous doctrine doesn't apply in a couple of state cases either. (State courts tend to be less about federal law, even in view of the supremacy clause, and more about local politics. Just look at all of the big city findings that feeding the homeless is subject to laws meant for restaurants and food trucks.) Local laws that aren't overruled by the CFAA can still result in criminal proceedings for violating TOS, so these cases are actually pretty important.

But my real intent in posting was to debunk that utterly stupid statement that the 9th Circuit is constantly being overturned. That's patently false by any objective measure. Judges don't make rulings that they know will be overturned because it increases their workload (which is already extreme) and makes them look bad. Judges rule based on the law as it is written and precedent handed down by higher courts.
 
Chas said:
Yeah, say the term "activist judges" with a mouth full of shit.

And you just about capture the badness.
Click to expand...

It's a lot more grey than that, which is why the 9th circuit doesn't always get overturned by the supreme court.

A lot of it has to do with how you interpret laws. No matter how careful you may be when writing the laws, there are almost always multiple ways to interpret the written word, like this case in Maine which hinged on the use of an oxford comma.

Then there is the whole bit about constitutionality and how to interpret the constitution. Judges and legal scholars are pretty much split down the middle into two camps on how to interpret it. The originalists vs those who believe in a living constitution. The first camp believes in interpreting everything literally based on its original intent which is good in some respects but very difficult in others, as constitutional matters aren't always neatly decided by 18th century language and understanding.

The "living constitution" crowd on the other hand believes in reading the constitution to derive the values that guide our nation and applying them to more modern concepts as they arise.

I'm not enough of a legal scholar to lend credence to any one of these constitutional philosophies. I only understand enough to know that legal cases are often very much in the grey zone where it requires some value judgments in order to reach a conclusion. If they wren't at least slightly grey they would be throw out or settled before even going to trial. Usually the greyest of the grey cases are the ones that make it up to the appellate courts and the supreme court, as a court has already looked at it, come to a conclusion and left enough of a grrey zone to warrant an appeal.

Extremely rarely in law do you have straight up and down black and white cases.
 
You must log in or register to reply here.
Back
Top