[HN Gopher] Facebook sues two Chrome extension makers for scrapi... ___________________________________________________________________ Facebook sues two Chrome extension makers for scraping user data Author : dane-pgp Score : 130 points Date : 2020-10-02 12:27 UTC (10 hours ago) (HTM) web link (www.zdnet.com) (TXT) w3m dump (www.zdnet.com) | kerng wrote: | This is funny, its like Facebook is suing itself - what a strange | world we live in. | stanrivers wrote: | This is interesting - instead of suing under the idea that | scraping itself is wrong (courts have ruled that public | information that you can get on websites can be scraped... I | think it is something like 50%+ of web traffic in the U.S. is bot | traffic), they are suggesting that scraping through a logged-in | account is somehow different. | | If the user of the account consents to have the plugin installed | on their computer and is made aware that the plugin will scrap | this data, you could argue that there is nothing wrong here. | | However, people post on Facebook under the idea that the | information they share will only be viewable by their friend | group (or as dictated by their privacy settings). | | That's where this gets interesting... does the friend group of | the person with the plugin have any rights to privacy that | dictate what the person with the plugin can do with their data? | | If I take a picture of a newsfeed, for example, that has | information my friends have posted, and share that somehow - am I | violating their privacy _legally_? | | If not, how is this different? | | Will be interesting to follow this one. | devit wrote: | Pretty sure that either the user is not aware at all of the | scraping, or anyway the scraping is not done in the user's | interest and the user is not in a position to fully understand | the implications, so it is a clearly malicious operation. | | In other words, they are abusing the user's trust to access the | user's private data for their own profit, hence defrauding the | user, and engaging in unauthorized access to the data shared | between the user and Facebook without either party's full | informed consent. | colinmhayes wrote: | I don't think facebook is serving ads in the users interest | and the user doesn't understand the implications either. The | user has to understand that there's no free lunch. | philjohn wrote: | It's a GDPR lawsuit waiting to happen, no? | frenchyatwork wrote: | This is also interesting, because people (mostly my friends) | also use Facebook as a tool to share pictures and other PII | about me without my consent. In that regard, I don't know if | there's a clear difference between Facebook and these | extensions. | neves wrote: | Really impressive is that the extensions are still in Chrome | Store. Why didn't Facebook ask Google to remove them? | gildas wrote: | They are not. | worstenbrood wrote: | _Inserts spider-man pointing meme_ | Spivak wrote: | This is going to forever be the disconnect between privacy | advocates and companies handling user data. | | For FB/Google and other data stewards privacy means keeping | your data safe from others because they consider themselves a | trusted party. | dhimes wrote: | If not a trusted party, they perhaps more importantly | consider it a competitive advantage that they'll defend my | any means available. | arcturus17 wrote: | What they tell the public - and even delude themselves with | -, versus what really drives them. | esperent wrote: | What Facebook considers is not what matters though. They've | shown time and time again that they are terrible stewards of | people's private data. They should not be a trusted party, | and Google isn't far behind. Being sympathetic to their point | is view when it comes to privacy is entirely the wrong angle | to take. | [deleted] | stevenicr wrote: | I've wondered if something like this was coming for | honey/joinhoney extension.. | | Sure pulling info from PortalX that us public is on thing - but | what if Amazaon starts adding coupon codes for logged in users | only? or even if not logged in, but recognized user - adds | special promo price for doing thing Y.. at that point they are | scraping non-public data. They would also be using that data for | other purposes than just the single user who is accessing it - | most likely.. | | I find the lack of privacy discussing in the joinhoney ads I've | heard to be a bit distressing personally. | | Just looked at their privacy policy, and I wonder if "Honey does | not track your search engine history, emails, or your browsing on | any site that is not a retail website (a site where you can shop | and make a purchase)" | | Is purposefully trying put into user's mines, retail, you know | like home depot, bed bath, etc.. but the way it's written can | include online retail portals.. but with "(a site where you can | shop and make a purchase)"" added as a qualifier - wouldn't this | include pornhub and similar places? | | Fingers crossed the browser makers will include on-off toggles | for extensions soon - similar to how uBlock origin has - would be | great to have a whitelist list of sites that I could have my | browser remind me that I can turn on SpyShoppingExtensionToCheck | - then auto turn off when leaving set list.. | | I avoided so many chrome extensions that said 'perms to view / | change all web pages/ - even though I may have really wanted to | use them on blankTube and yaddaTube - I didn't want them reading | all web pages, and the current UI for turning off and on is not | optimal imho. | johnward wrote: | For those that don't know, there was a public case about the | legality of scraping involving HiQ and LinkedIn | (https://www.forbes.com/sites/emmawoollacott/2019/09/10/linke...) | | TL;DR; It was considered to be legal because HiQ were scraping | public profiles. | | This case may be a little bit different because these scrapers | seem to target both public and private data. | | Also see: https://medium.com/@tjwaterman99/web-scraping-is-now- | legal-6... (which mentions a facebook example very similar to | this) | beagle3 wrote: | It is also different because the scrapers are acting as agents | of individual users. | | Those individual users likely go against FBToS in doing so - | but the browser extension maker is not a party to those ToS. | extra88 wrote: | > the scrapers are acting as agents of individual users. | | According to the article, it's the reverse, the individual | users are acting as paid agents of the scrapers, a proxy | giving scrapers access to data through the users' access to | Facebook. | beagle3 wrote: | The extension is still impersonating or watching the user, | with full permission from the user (acting as its agent, | it's UserAgent even) - if anyone broke FB's ToS, it's the | user, not the maker of the extension. | | I wonder what legal principle gives Facebook standing to | sue the makers of the extension. | extra88 wrote: | Even if the specific act of letting the extension run is | the fault of each user and presumably means they each | violated Facebook's ToS, they can probably sue the | extension makers for bribing the users to violate the | ToS. | | Each user only chooses to install the extension, the | extension makers choose what data to scrape and I'm sure | at least some of what's scraped truly belongs to | Facebook, not their users or customers. | | If a Facebook account can be considered a technological | barrier protecting intellectual property, they could sue | under DMCA anti-circumvention provisions. The users | installing the extension could be accomplices but they're | not really the ones scraping and collecting the data. | beagle3 wrote: | > If a Facebook account can be considered a technological | barrier protecting intellectual property, they could sue | under DMCA anti-circumvention provisions. | | It would also likely make screen readers, screenshots, | and many other things illegal. I don't think it can be | considered a "technological barrier", but who knows what | courts will decide. | | That said, I'd be surprised if that's the angle Facebook | is taking - because they did (and still do) the same | thing with their phone apps collecting ("scraping") | address book records and uploading them to facebook | servers -- and that would be an estopple-able admission | of guilt if they do (even if the courts decide against | them in THIS particular case). | | I'll wait till more details come out. | edmundsauto wrote: | IANAL, but if I make a tool whose purpose is to violate | the FB ToS, I could be liable under torturious | interference (I think that's what it's called). | Basically, I can't make money off of things that violate | other people's contracts. | Reelin wrote: | I think tortious interference | (https://en.wikipedia.org/wiki/Tortious_interference) | requires having the specific intention of causing the | violation to occur. Not just that one party happened to | be motivated to break contract because of something you | did but rather that your actions were motivated by | specifically trying to get them to break the contract _in | and of itself_. | beagle3 wrote: | Do you know which jurisdictions have a precedent of ToS | being considered a contract? | | Being a one-sided, no negotiation and with no "meeting of | minds", most European jurisdictions won't consider this a | contract -- facebook can kick any user out, but it is | unlikely they could recover damages from anyone (or have | standing). At least that's my impression -- though US | courts, especially in states that have UCITA or similar, | are more likely to consider this a contract. | | edit: I've found two jurisdictions, and both of them | require proof of actual economic harm for standing (among | many other things). I'll wait for more specific details | about Facebook's approache..... | Reelin wrote: | In the US at least, yes, but it varies based on the | specific situation. | (https://law.stackexchange.com/questions/13549/) | muunbo wrote: | In other news, the pot calls the kettle black | akersten wrote: | Facebook should lose this one. Secret shopping isn't illegal, and | using tools to secret shop isn't illegal either. Going after | camera manufacturers because they are tools used to secret shop | _certainly_ isn 't illegal, even if the camera was called the | "SecretShopper 3000" and paid you to do it. | | The users on the other hand, if they were unaware of what the | extensions were doing in exchange for that money, might have a | case against the extension manufacturers. But how could Facebook | possibly have standing? | | Not a lawyer, the above are feelings. | ffpip wrote: | Even amazon does this. | | https://chrome.google.com/webstore/detail/alexa-traffic-rank... | | 700k users | ceejayoz wrote: | Is there any evidence Amazon is scraping user profile data, | friends lists, etc. with that? | | "Measuring traffic" and "harvesting data" aren't the same. | postalrat wrote: | It's advertised to scrape search queries. I assume it could | be scraping other information as well. | | Is there any evidence it is not? | safog wrote: | I guess to take this one step further, if these extensions become | ad platforms by themselves and replace ads that facebook puts in | your feed w/ their own ads, what would happen? | | uBlock origin (basic) - blocks facebook tracking, does not track | you, inserts non personalized ads. | | uBlock origin (premium) - 1$ / mo. Blocks all ads. | | As an example. | cookiengineer wrote: | > if these extensions become ad platforms by themselves and | replace ads that facebook puts in your feed w/ their own ads, | what would happen? | | This is literally what ISPs do these days. | jefftk wrote: | ISPs injecting ads is one reason that everything should be | HTTPS now | neilparikh wrote: | Doesn't the Brave browser do this? | lgats wrote: | I wonder if this will go the way of the LinkedIn profile scraping | case: | | https://news.ycombinator.com/item?id=21241395 | | https://news.ycombinator.com/item?id=22180559 | lukejduncan wrote: | Didn't LinkedIn lose a lawsuit that forced them to allow | scraping? How does that not apply here? | dane-pgp wrote: | I wonder if the court would rule differently if the extensions | were designed to enable interoperability with other social | networks. Admittedly it would be a rather awkward UX if you had | to browse pages in FB before returning to your preferred social | network to view the scraped data there. | SimeVidas wrote: | What does scraping user data from Facebook mean? Deleting it? | [deleted] | cookiengineer wrote: | Scraping != Scrapping. | | One is acquiring data on a large scale, the other one is | throwing data in the trash. | shajznnckfke wrote: | If people are going to be mad at Facebook for allowing Cambridge | Analytica to get access to user data by tricking users into | providing access to their data on Facebook by installing apps, | they really ought to support Facebook in the effort to block | these entities who are pulling the same scheme with chrome | extensions. | asdfasgasdgasdg wrote: | Not only that, but recognize that any location where people | share information about themselves is susceptible to attacks | like this. Even personal blogs. If you make it so that your | friends can see things about you, and your friends are wont to | install extensions, then you are vulnerable to this kind of | attack. Decentralized open source solutions will not help with | this problem. Quite the opposite: who will fund the lawsuit? | shajznnckfke wrote: | Facebook had to dedicate some resources to even go looking | for extensions like this. They only have 5000-10000 installs. | IMO it demonstrates a change in the company's attitude toward | protecting user data from the old days of letting people | download the entire social graph of the US. | | And there is a real trade-off here. 10 years ago everyone | would be hating them for cracking down on the open web if | they did this, and calling it anti-competitive to silo user | data. | wolco2 wrote: | Isn't that what they are doing. I'm not a big fan of | facebook policing others while they horde data themselves. | asdfasgasdgasdg wrote: | They view themselves as an agent of their users. The | users willingly give them data, with the intention of | sharing it with a select audience. As the user's agent, | one should generally abide by their wishes, and | especially prevent the data from being shared further | abroad than the user intended. | bredren wrote: | I'd argue most Facebook users do not know the difference | between what FB does with their personal info and what | this other organization does. | | For those that installed the extension, one is Facebook, | one gives free gift cards. Both are "okay." | | So I don't see this as protecting users so much as | ensuring no one else monetizes their data. | asdfasgasdgasdg wrote: | It's not about the user who installs the extension. It's | about the user's friends. | ysavir wrote: | Unless Facebook stopped creating shadow profiles of non- | users (have they? I'm not a user and don't keep up with | it) I don't think they have a leg to stand on. | Jon_Lowtek wrote: | > Facebook had to dedicate some resources to even go | looking for extensions like this. | | Its called "data abuse bounty program" | | You find an app like this, rat them out to facebooks legal | team, you get a small bounty and FB sues them for fame and | profit. | shajznnckfke wrote: | Interesting if you can get a bug bounty for reporting | this. I think if an enterprising bounty hunter heard | about that, a bunch of anonymously authored extensions | might start mysteriously appearing. It might pay better | than building web apps for people on upwork. | tqi wrote: | Yeah it's interesting to me that people are disregarding the | parallels. Is Facebook responsible for keeping your (and your | friends) data out of 3rd party hands or not? Maybe if the | makers of these extensions were affiliated with GOP PACs... | | EDIT: Also to be clear, I do think it is Facebooks | job/responsibility/obligation | Reelin wrote: | > Is Facebook responsible for keeping your (and your friends) | data out of 3rd party hands or not? | | They are responsible for the activity that they directly | facilitate on their own platform. They have legal authority | over the interactions they directly engage in (ie with | users). They have no say (legally or otherwise) over what | goes on outside the bounds of their own platform and thus no | responsibility for it. | | Regulators, not individual actors, are the ones with | authority over the broader ecosystem. GDPR and CCPA are | examples of such. | | What's next, should Google be permitted to publish a ToS | forbidding access to their services with non-Chrome browsers | and then legally pursue other browser makers for facilitating | the violation of their ToS? | ganzuul wrote: | Not if you follow the money? CA was an FB customer, weren't | they? | shajznnckfke wrote: | My understanding is that CA got the data by building a free | quiz app on Facebook's platform (I don't think FB was getting | paid for that, correct me if I'm wrong). The difference is | that the quiz app used Facebook's developer-facing APIs to | access the data, whereas these Chrome extensions are | hijacking the user agent to access the data via Facebook's | browser-facing APIs. I don't think it makes a difference as | to whether Facebook ought to try to stop the data collection | to prevent the another CA-type scandal, and to protect itself | from the resulting uproar. The fact that the extension | developers haven't made any agreement with FB means that FB | needs different legal tools to try to shut it down, and | perhaps they won't succeed. | ganzuul wrote: | A quick search indicates they have free plans up to a | certain number of active users and then you need to call | them. So apparently they keep their pricing secret. | amelius wrote: | But what if I want to periodically scrape my facebook data to | migrate to a different platform? | scared2 wrote: | You can directly request it from the platform. No need to use | a crappy extension. | amelius wrote: | Yes, but that only gives me my own data. I might want to | export events to a different platform, including which of | my friends go to these events. | | Also, I might want to read my friends' posts on a different | client. | joshuamorton wrote: | That very quickly veers into territory that violates | facebook's terms of service. | Reelin wrote: | > tricking users into providing access to their data on | Facebook by installing apps | | > same scheme with chrome extensions | | These are very different things. One took place via Facebook's | own platform while the other did not. | | If their own platform officially allowed for third parties to | collect user data, it is reasonable to complain about that | being the case. | | If their own platform explicitly forbid collecting user data in | such a manner but they stood by and let it happen anyway, it | seems reasonable to object to that. | | I don't see how it's any of their business what a legitimate | user does with their own data after it's been sent to them (ie | the page loads). I suppose they could add a provision to their | ToS disallowing such use; if a violation were discovered they | could ban the user in question. But a third party almost | certainly never agreed to such a ToS. It's not the existence of | the program that violates the contract but rather a specific | instance of its usage. | [deleted] | ballenf wrote: | The gall of FB is amazing considering how recently they did the | exact same thing: | | https://techcrunch.com/2019/01/29/facebook-project-atlas/ | | That's where FB paid teens to install a root cert on phones that | tracked every thing the users did for market research. And then | paid them for it. | yuliyp wrote: | What? the Atlas thing is recording what a set of people do, | passively. These extensions are actively scraping extra data | from web sites beyond what the user is doing. | fxtentacle wrote: | Company scraping your data everywhere on the internet sues | someone for scraping data on their part of the internet. | | ^_^ | | I hope that the judge will require Facebook to stop scraping | themselves first, before they request others to stop it, too. | djohnston wrote: | any sources on data that FB is scraping about you? | monadic2 wrote: | This has got to be a joke. | macNchz wrote: | Given their tracking pixels are installed on at least 8 | million websites(1), they are effectively watching everything | you do on a large proportion of popular/commercial websites. | | They were also caught a few years ago asking users to "verify | their emails" by providing Facebook their email account | password(2), after which FB's servers logged into the user's | email account and scraped their contacts out without warning. | | They also acquired a popular VPN app explicitly so they could | comb through the users' traffic data and identify competing | apps for acquisition.(3) | | In my opinion it's core to how the company has always been. | Facebook's predecessor, or perhaps first iteration, FaceMash, | was a hot-or-not game based on student photos scraped from | Harvard's internal websites(4). | | [1] https://theoutline.com/post/4578/facebook-is-tracking- | you-on... | | [2] https://www.theverge.com/2019/4/18/18485089/facebook- | email-p... | | [3] https://techcrunch.com/2019/02/21/facebook-removes-onavo/ | | [4] https://www.thecrimson.com/article/2003/11/19/facemash- | creat... | ccktlmazeltov wrote: | the pixel is installed by web developers, the same way | google analytics or any script is setup on a website. | aeternum wrote: | Which makes it even worse. At least with the extension | the user is deciding to install it. | | In the webpage case, the web developer is choosing to | provide the user's data to Facebook or Google (without | the user's consent). The vast majority of people don't | even understand how this works and think that Facebook | can only see activity performed on Facebook itself. | ciarannolan wrote: | > They were also caught a few years ago asking users to | "verify their emails" by providing Facebook their email | account password(2), after which FB's servers logged into | the user's email account and scraped their contacts out | without warning. | | Why aren't developers in jail for this? Breaking into | someone's email account and exfiltrating their data - | disgusting. Clicking "OK" on a 500 page ToS doesn't get you | out of this. | | I'm so sick of this criminal behavior being brushed off as | "growth hacking", "move fast and break things", or some | other bullshit. The people creating this garbage should | feel some shame and face real consequences. | paulryanrogers wrote: | They had been scraping contacts from email inboxes and | devices, IIRC | yuliyp wrote: | FB asks you explicitly if you want to upload your contacts | as part of helping you find your friends. That's a far cry | from "scraping your data everywhere on the internet" from | the your grandparent post. | pixl97 wrote: | Not years ago they did not. Phones didn't even have | security options to ask at that time. | monadic2 wrote: | Off-hand I suspect your contact book is more valuable | than virtually anything publicly available on you. It's | also entirely unnecessary to building a lookup-by-email | or lookup-by-phone. I'm going to go ahead and say it's a | much more evil practice than scraping. | junon wrote: | They scrape all of your contacts and create ghost profiles to | better track connections of even people who do not use their | services. | | Apple does this too. Well, did - not sure if they still do. | gitpusher wrote: | > Apple does this too | | This doesn't sound familiar. What case(s) are you referring | to? | crazygringo wrote: | This is actually fascinating, legally. What are they suing them | for? Under what law or legal principle? | | A maker of extensions never agrees to Facebook's ToS in the first | place, so there's no breach of contract. | | It would seem that only individual users could in theory be sued, | though obviously Facebook would never do that because of the PR | nightmare. | | IANAL, so I'm really curious if anyone thinks Facebook could win | this in court? (Regardless of whether it works by threatening to | drown the extension maker in legal costs.) | henryfjordan wrote: | Looks like they are suing under breach of contract, because | employees of the companies had FB accounts and therefore broke | the ToS, as well as unjust enrichment. The actual complaint is | here: | | https://www.scribd.com/document/478333898/Facebook-lawsuit-v... | wolco2 wrote: | The defense is to put in a legal bullet point that anyone who | has ever worked or represented facebook cannot legally | download or use this extension. | crispyporkbites wrote: | Hold up- so if Facebook puts any clause in their ToS, I could | be sued by them for breaching it? I agreed to create an | account there, but I didn't read or understand the TOS. | | Does deleting my account help? Or can they say in their tos | that it's perpetual? And oops I already agreed to that)l | [deleted] | extra88 wrote: | > What are they suing them for? Under what law or legal | principle? | | The Computer Fraud and Abuse Act (CFAA) allows for civil cases. | The law prohibits accessing a computer without authorization, | or in excess of authorization. This isn't a case of users | knowingly using a tool to scrape data for their own use, the | users installing the extension are, at most, mules, for the | extension makers. | | Alternately, maybe copyright infringement. Some of the data are | considered facts, that are not copyrightable (even in | aggregate, in the U.S.) but at minimum, the actual content of | ads scraped is copyrightable. There might be a question of | whether Facebook has standing to sue over infringement of ads | for other businesses but their ToS may cover some non-exclusive | copyright to shared | [deleted] | stanrivers wrote: | How does the idea that while the user of the extension might | agree, the friend group that is sharing the information that | is being scraped has not consented? | | That seems to be an important difference, no? | ummonk wrote: | Right. It's as if it is essentially a hacking tool, since | the user of the extension would seemingly be violating the | FB terms of service. | wolco2 wrote: | The users of the extension have access granted to those | friend groups by the owners of those groups. Through that | access things get saved. Consent was given... | edmundsauto wrote: | Consent, perhaps, but not a license for using the data. | Reelin wrote: | Which if you think it through means that the friends | might have legal standing to sue the _user_ of the | extension. | | Not to sue Facebook or the extension author and | definitely not for Facebook to sue the extension author. | extra88 wrote: | Yes, there's harm to Facebook, the other users whose data | is scraped, and probably to organizations advertising on | Facebook. The masses of users and organizations are | unlikely to be aware this is going on or to be able to | organize and sue the extension makers. | | These extensions are made by shitty companies using shitty | practices to make money. If current legal frameworks aren't | well suited to deal with it, that doesn't make them any | less shitty. | abeyer wrote: | These extensions are made by shitty companies using | shitty practices to make money by "stealing" data from a | shitty company with shitty practices to make money. | | You're just a pawn sitting in the middle while the | parties to this fight over who gets to exploit you most | effectively. The only positive outcome here would be if | the courts hugely overstepped their mandate and told | everyone involved that this data shouldn't be available | at all, you have to destroy it now. | monadic2 wrote: | Sure, but doesn't the TOS harm the user by restricting | their access to their own data? Facebook might have a | case but you can't possibly paint them as a victim here. | extra88 wrote: | The issue not so much the extensions scraping the | individual user's own data (or data about them) but | scraping data about advertisers and about other users. | | Facebook is harmed through resource consumption by the | scraping, the infringement of any copyrights they hold on | what's scraped, and potentially harmed in their | relationship with their advertising customers and their | users. | | How bad Facebook's own practices are is irrelevant to the | issue of what these extension makers have done. Dirtbags | have rights too. | tzs wrote: | > Alternately, maybe copyright infringement. Some of the data | are considered facts, that are not copyrightable (even in | aggregate, in the U.S.). | | Facts aren't copyrightable, but a collection of facts might | be if there was sufficient creativity involved in the | selection and arrangement of the facts. | | The big case on this was Feist Publications, Inc., v. Rural | Telephone Service Co., 499 U.S. 340 (1991), where a company | copying a telephone book was found not to be if infringing | because the phone book was not be copyrighted. | | The Court ruled that there is a constitutional requirement | for at least some minimal degree of creativity in a work for | it to be copyrighted. In the case of a phone book, neither | the selection criteria (everyone in this region who has a | phone) nor the arrangement (alphabetical order by name). | | The Court also noted that if there is sufficient creativity | in the selection or arrangement to support copyright, the | copyright would be on that selection and arrangement. The | underlying facts would still be uncopyrightable. In the case | of the phone book, for example, that would mean that even if | Rural had used a creative arrangement and could copyright | that, Feist could still take all the names and phone numbers | and produce its alphabetical phone book from them. | | Applying this to Facebook, it may be that they do have | copyright in the selection and arrangement of facts that were | scraped. Whether or not the scraper is infringing would hinge | on what they did with those facts. | lmkg wrote: | The case you mention is one-half of the picture, and I feel | it's important to mention the other half. | | The White Pages are not copyright-able, which is what your | case describes. But the Yellow Pages _are_ copyright-able | (somewhat). This is because grouping the businesses into | categories clears the bar of "minimal degree of | creativity" that you mention. However, the individual | listings are still not subject to copyright so there's no | problem with taking them and re-arranging them. | extra88 wrote: | > Whether or not the scraper is infringing would hinge on | what they did with those facts. | | I don't think the scraping companies could mount a | successful fair use defense so they'd definitely be found | to be infringing and could be ordered by a court to stop. | What damages they might pay would depend on what they did | with the data. | johnnyfaehell wrote: | >This isn't a case of users knowingly using a tool to scrape | data for their own use, the users installing the extension | are, at most, mules, for the extension makers. | | I feel it's reasonable for the average person to figure that | a plugin that pays them for using Facebook and Twitter is | paying for the data generated from those sessions. There is | already a case with LinkedIn where courts are allowing data | scraping even though LinkedIn disallows it and forced | LinkedIn to stop blocking it. | | I feel like this is a case Facebook should lose. Facebook | wants complete ownership of the data from Facebook for | marketing purposes because obviously if they're the only ones | that have the data they have a monopoly. But preventing | others from gathering competing data seems to be a breach of | Antitrust. And Facebook execs will openly admit this is what | they're doing. They've shut down multiple influencer related | companies who completely backed down from a cease and desist | from Facebook. And they're refusing to allow anyone to grant | influencer agencies access to their data. This is Facebook | telling people who they can give their data to. As well as | Facebook saying companies can't scrape public information and | then sell the statistics. And statistics can't be | copyrighted. | reaperducer wrote: | _I feel it 's reasonable for the average person to figure | that a plugin that pays them for using Facebook and Twitter | is paying for the data generated from those sessions._ | | I suspect that, to date, you've mostly met above-average | people. | | The average person, in my experience, has no such | expectation or understanding. All they know is "free | money!" | johnnyfaehell wrote: | Luckily, I believe the legal standard may be a reasonable | person would understood it. :) | henryfjordan wrote: | > courts are allowing data scraping even though LinkedIn | disallows it and forced LinkedIn to stop blocking it | | Courts only said "If your server responds to an | unauthenticated GET request, that's on you". Linkedin is | free to stop providing that data or move it behind a login | wall, they just don't want to because it helps them with | SEO. Contrast that with these plugins that are absolutely | accessing data behind the user's login. | | Also with regards to the antitrust assertions you make, | Facebook is absolutely not required to share their data | with anyone. People give their data to FB, FB can do what | they want with it (as long as it's within the ToS). | Facebook can't stop me from also giving my data to someone | else outside the platform, but they do not have to | facilitate that process in any way. | johnnyfaehell wrote: | > Courts only said "If your server responds to an | unauthenticated GET request, that's on you". Linkedin is | free to stop providing that data or move it behind a | login wall, they just don't want to because it helps them | with SEO. Contrast that with these plugins that are | absolutely accessing data behind the user's login. | | Yes, exactly. Basically saying if LinkedIn was providing | the data they couldn't block the data for specific | people. In contrast, these plugins are collecting data | that someone has chosen to make available to them. This | is Facebook attempting to stop people from giving data to | their competitors. This is anti-competitive. Overall the | LinkedIn case said that if the user made that data | available then that is on them. Not that it was an | unauthenticated request, but that the data was made | public and there was no attempt to bypass any privacy | filters. | | > Also with regards to the antitrust assertions you make, | Facebook is absolutely not required to share their data | with anyone. People give their data to FB, FB can do what | they want with it (as long as it's within the ToS). | Facebook can't stop me from also giving my data to | someone else outside the platform, but they do not have | to facilitate that process in any way. | | One of Facebook's services is to provide that data to | other services so you can use those services with that | data. Saying no you can't share that data and not provide | you that data in export is well, anti-competitive. This | is saying "No, we don't want you to give those people | that data." This is anti-competitiveness. Suing companies | and preventing them from competing is predatory. You make | claims that Facebook doesn't have to do these things, I | feel like Facebook should be forced to allow these | things. Just like we force Facebook to do other things | like delete user data or make user data available (which | it actually isn't doing completely last time I checked | because you can't export your data and then have the | exact same data on your own system.) | [deleted] | anigbrowl wrote: | I'm not sure that FB has standing in this case. | extra88 wrote: | I bet they do. Even if most of what is scraped is more | properly considered as belonging to their users and | customers, I'm sure at least some of what's scraped truly | belongs to Facebook. | | Even if the specific act of letting the extension run is | the fault of each user and presumably means they each | violated Facebook's ToS, they can probably sue the | extension makers for bribing the users to violate the ToS. | Reelin wrote: | > sue the extension makers for bribing the users to | violate the ToS | | That's an interesting thought. A ToS is just a (rather | questionable, in many cases) contract. Can party A sue | party C for bribing party B to violate a contract between | A and B? Genuine question - I honestly don't know, but my | guess is no. | darepublic wrote: | I feel like users should be having automated tools to scrape | for their own use. Once these kind of sophisticated browser | automation tools come out eventually Google and ilk will be | putting out all stops to prevent browser automation and | verify who is using the browser, their real identity and what | they are allowed to see (and not see) | extra88 wrote: | > users should be having automated tools to scrape for | their own use. | | I agree but that's not happening in this case. ___________________________________________________________________ (page generated 2020-10-02 23:01 UTC)