Start-up falls afoul of computer crime laws

By on
Start-up falls afoul of computer crime laws

Proxy system weighs on battle with Facebook.

Social network aggregator Power Ventures has been found to have violated computer crime laws over the way it sought to interface with Facebook, a court has ruled.

A judgment [pdf] handed down by the Northern District Court of California found that Power "circumvented technical barriers to access Facebook [sic] site, and thus accessed the site 'without permission'" under California penal code section 502.

Power Ventures had been hoping to set up an aggregation website that could surface data from multiple social networks.

The latest ruling has been criticised as a troubling precedent by the Electronic Frontier Foundation (EFF), which submitted an amicus brief (as a so-called 'friend of the court') in earlier hearings.

It overturns a 2010 judgment which found in favour of Power.

"Facebook's case against Power is dangerous as a matter of policy, threatening to put the power of law - including serious criminal penalties - behind Facebook's anti-competitive decision to thwart consumer choice and innovation that doesn't meet its approval," the EFF said in a blog post.

"It doesn't bode well for the future and should encourage all of us to think more seriously about the collateral problems created by closed networks."

Chop-and-change IPs

Facebook's security incident response team had attempted to block to contain alleged spamming of Facebook users.

Team manager Ryan McGeehan spent "at least three or four days of his own engineering time addressing security issues presented by Power", according to the judgment, including the initiation of IP blocks.

McGeehan initially blocked "what appeared to be [Power's] primary IP address". Days later it was determined Power was still accessing the site but with different IPs. Facebook blocked those, too, "in a game of cat and mouse".

The court heard expert testimony that Power created code that embedded "a number of routines to avoid being blocked by websites like Facebook, including the use of proxy servers".

"The code would routinely monitor each server to see if an IP address was blocked and change the IP address if it was," the expert report noted.

A transcript of a discussion between CEO Vachani and a staff member described plans to use "rotating IPs" to avoid being detected by another social network, Orkut.

"We need to plan this very carefully since we will only have once chance to do it... we might need to rotate with over 200 IP's or even more to do it perfectly," Vachani is quoted as saying.

The court found "Vachani's own statements provide compelling evidence that he anticipated attempts to block access by network owners and intentionally implemented a system that would be immune to such technical barriers."

The EFF said that finding Power violated US state and federal computer crime laws was dangerous because the laws "have both civil and criminal penalties".

"EFF is concerned that this precedent could be used in the future to criminalise the creation of tools that are capable of bypassing technological barriers, even if they are never actually used to do so, forcing innovators to anticipate every technical block that any interoperable system or program might possibly impose," the foundation said.

"This is an unworkable rule."

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia


Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?