Right? Isn’t this a textbook DMCA violation?
Comment on Perplexity AI is complaining their plagiarism bot machine cannot bypass Cloudflare's firewall
Glitchvid@lemmy.world 3 weeks ago
When a firm outright admits to bypassing or trying to bypass measures taken to keep them out, you think that would be a slam dunk case of unauthorized access under the CFAA with felony enhancements.
jve@lemmy.world 3 weeks ago
WhyJiffie@sh.itjust.works 3 weeks ago
for us, not for them. wait until they argue in court that actually its us at fault and we need to provide access or else
GamingChairModel@lemmy.world 3 weeks ago
Fuck that. I don’t need prosecutors and the courts to rule that accessing publicly available information in a way that the website owner doesn’t want is literally a crime. That logic would extend to ad blockers and editing HTML/js in an “inspect element” tag.
EncryptKeeper@lemmy.world 3 weeks ago
That logic would not extend to ad blockers, as the point of concern is gaining unauthorized access to a computer system or asset. Blocking ads would not be considered gaining unauthorized access to anything. In fact it would be the opposite of that.
GamingChairModel@lemmy.world 3 weeks ago
And my point is that defining “unauthorized” to include visitors using unauthorized tools/methods to access a publicly visible resource would be a policy disaster.
If I put a banner on my site that says “by visiting my site you agree not to modify the scripts or ads displayed on the site,” does that make my visit with an ad blocker “unauthorized” under the CFAA? I think the answer should obviously be “no,” and that the way to define “authorization” is whether the website puts up some kind of login/authentication mechanism to block or allow specific users, not to put a simple request to the visiting public to please respect the rules of the site.
To me, a robots.txt is more like a friendly request to unauthenticated visitors than it is a technical implementation of some kind of authentication mechanism.
Scraping isn’t hacking. I agree with the Third Circuit and the EFF: If the website owner makes a resource available to visitors without authentication, then accessing those resources isn’t a crime, even if the website owner didn’t intend for site visitors to use that specific method.
Glitchvid@lemmy.world 3 weeks ago
When sites put challenges like Anubis or other measures to authenticate that the viewer isn’t a robot, but they employ measures to thwart that authentication (via spoofing or other means) I think that’s a reasonable violation of the CFAA in spirit — especially since these mass scraping activities are getting attention for the damage they are causing to site operators (another factor in the CFAA, and a factor that would promote this to felony activity.)
The fact is these laws are already on the books, we may as well utilize them to shut down this objectively harmful activity AI scrapers doing.
EncryptKeeper@lemmy.world 3 weeks ago
How would you “authorize” a user to access assets served by your systems based on what they do with them after they’ve accessed them? That doesn’t logically follow so no, that would not make an ad blocker unauthorized under the CFAA. Especially because you’re not actually taking any steps to deny these people access either.
AI scrapers on the other hand are a type of users that you’re not authorizing to begin with, and if you’re using CloudFlares bot protection you’re putting into place a system to deny them access. To purposefully circumvent that access would be considered unauthorized.
finitebanjo@lemmy.world 2 weeks ago
Site owners currently do and should have the freedom to decide who is and is not allowed to access the data, and to decide for what purpose it gets used for. Idgaf if you think scraping is malicious or not, it is and should be illegal to violate clear and obvious barriers against them at the cost of the owners and unsanctioned profit of the scrapers off of the work of the site owners.
Demdaru@lemmy.world 3 weeks ago
Ehhhh, you are gaining access to content due to assumption you are going to interact with ads and thus, bring revenue to the person and/or company producing said content. If you block ads, you remove authorisation brought to you by ads.
HK65@sopuli.xyz 3 weeks ago
There was no header on the request saying I want ads though
EncryptKeeper@lemmy.world 3 weeks ago
That doesn’t make any logical sense. You cant tie legal authorization to an unsaid implicit assumption, especially when that is in turn based on what you do with the content you’ve retrieved from a system after you’ve accessed and retrieved it.
gian@lemmy.grys.it 2 weeks ago
Carefull, this way even not looking at an ads positioned at the bottom of the page (or anyway not visible without scrolling) would mean to remove authorisation brought to you by ads.
cm0002@piefed.world 3 weeks ago
You say, just as news breaks that the top German court has over turned a decision that declared "AD blocking isn't piracy"
EncryptKeeper@lemmy.world 3 weeks ago
Unauthorized access into a computer system and “Piracy” are two very different things.
kibiz0r@midwest.social 3 weeks ago
They already prosecute people under the unauthorized access provision. They just don’t prosecute rich people under it.
GamingChairModel@lemmy.world 3 weeks ago
They prosecuted and convicted a guy under the CFAA for figuring out the URL schema for an AT&T website designed to be accessed by the iPad when it first launched, and then just visiting that site by trying every URL in a script. And then his lawyer (the foremost expert on the CFAA) got his conviction overturned:
www.eff.org/cases/us-v-auernheimer
We have to maintain that fight, to make sure that the legal system doesn’t criminalize normal computer tinkering, like using scripts or even browser settings in ways that site owners don’t approve of.