- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
Computerworld - Public website owners have the right to selectively block users from their sites and anyone who intentionally circumvents those blocks may be violating provisions of the Computer Fraud and Abuse Act (CFAA), a federal judge in California ruled Friday.
The ruling involves a dispute between Craigslist and 3Taps Inc., an online ad aggregator that basically copies and republishes online ads.
Craigslist claimed that 3Taps scrapes, collects and reposts all of Craigslist's classified advertisements in real time. In 2012, Craigslist sent a cease-and-desist letter asking 3Taps to stop accessing its website. Craigslist also separately configured the site to block access to it from any IP address associated with 3Taps.
However, 3Taps used IP rotation technology and proxy servers to bypass the blocks and continued to harvest and repost data gathered from Craigslist.
In a lawsuit filed in the U.S. District Court for the Northern District of California, Craigslist accused 3Taps of copyright infringement and of "unauthorized access" to its website as defined under the CFAA. Craigslist alleged that 3Taps had not only violated Craigslist's Terms of Service but had also deliberately circumvented Craigslist's IP blocking measures.
3Taps admitted that it intentionally circumvented the blocking. But in a motion to dismiss the lawsuit, 3Taps noted that Craigslist, by making its website publicly available, had essentially authorized the entire Internet to access and use its content. The company claimed that allowing owners of publicly accessible websites to selectively block individuals and groups was dangerous and contrary to the notion of a free and open Internet.
In a 13-page ruling, District Court Judge Charles Breyer dismissed those arguments and held that 3Taps had accessed Craigslist without specific authorization from the website owner.
"The law of trespass on private property provides a useful, if imperfect, analogy," Breyer wrote in his ruling. "Store owners open their doors to the public, but occasionally find it necessary to ban disruptive individuals from the premises. That trespass law has enforced those bans with criminal penalties has not, in the brick and mortar context, resulted in the doomsday scenarios predicted by 3Taps in the Internet context."
Even though Craigslist set up a public website, it was still within its rights to selectively block people it considered undesirable. There is nothing in the CFAA that specifically prohibits websites such as Craigslist from blocking people from their sites on a case-by-case basis, Breyer noted.
"Here, under the plain language of the statute, 3Taps was 'without authorization' when it continued to pull data off of Craigslist's website after Craigslist revoked its authorization to access the website," Breyer wrote.
The key point to consider is not the cease-and-desist letter, but the fact that Craigslist used specific IP blocking technology to keep 3Taps away.
It was "a clear signal from the computer owner to the person using the IP address that he is no longer authorized to access the website," Breyer noted. 3Taps indisputably knew that Craigslist was blocking access its site, but it went ahead anyway by circumventing the barrier Craigslist had in place, he noted.
Originally published on www.computerworld.com. Click here to read the original story.