Feeds

EFF fights Facebook bid to outlaw one-stop social apps

Opposes power play against aggregator site

Security for virtualized datacentres

A civil liberties watchdog has challenged Facebook's legal claims that an unauthorized third-party site that helps users login automatically violates criminal laws.

In a friend-of-the-court brief filed Monday, the Electronic Frontier Foundation said Facebook users have a legal right to choose how they access their accounts. It went on to argue that Facebook attorneys were misapplying California's criminal hacking statutes to prevent account holders from using alternative methods of accessing their data.

The brief comes in a lawsuit Facebook filed against Power Ventures, which offers a service that aggregates friends, messages and other data from a variety of social networking sites. In private communications and in court filings, Facebook has accused Power of violating California's criminal hacking law because Facebook's terms of service bar users from accessing their information through "automatic means."

"If Facebook's proposed construction of section 502(c) in this case is correct, millions of otherwise innocent internet users would potentially be committing frequent criminal violations of the law through ordinary, indeed routine, online behavior," EFF attorneys wrote.

"Similarly, allowing a private party to define criminal conduct merely by sending a letter complaining about a competitor's computer usage puts far too much power in the hands of private entities that in doing so may or may not have consumer rights and the public interest at heart."

Using Power's web-based service, a user can automatically view all his content from Twitter, LinkedIn, Orkut and Hi5 on a single screen. That eliminates the hassle of logging in to each account separately and sifting through messages and friend requests for each individual service.

While most social networking sites are willing to work with Power, Facebook objected. After its attorneys sent cease-and-desist letters and filed a complaint in federal court, Power stopped making its service available to Facebook users.

It's worth noting that Facebook's attempts to stop users from accessing their content through alternate means isn't much different than Apple deciding what apps can run on its iPhones and iPads. What sets the social networking site apart here is its invocation of criminal statutes to control the way people access content that per Facebook terms of service belong to the users who created it.

Facebook's legal theory is also notable because, taken to extremes, it threatens anyone who skirts any terms of service, such as requirements to include a person's true age, birth date or occupation in user profiles. Federal prosecutors pursued a similar track when they filed felony charges against a woman involved in creating a fake MySpace profile. The judge overseeing the case, noting fundamental problems with that strategy, eventually acquitted her.

Facebook spokesman Barry Schnitt defended the action on the grounds that Power "scrapes" user content, in violation of its terms. By then making the data available through Power's own website, the service can violate user privacy by airing restricted pictures and messages to world+dog.

"Facebook believes Power subverts privacy settings and choices people have made on Facebook by scraping their data and taking it somewhere else," he told The Reg.

In a statement, Facebook went on to say the site had no intention of criminalizing user access through automated means.

"We have sued Power to prevent Power - a third party with unknown security safeguards and data use practices - from accessing user data without adhering to the safeguards that apply to all developers and are intended to enforce the privacy decisions people make on Facebook."

A hearing on motions for summary judgment filed by both sides in the case is scheduled for June 7 before US District Judge James Ware in San Jose, California. A PDF of the EFF's Amicus Curiae filing is here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.