Facebook is asking a federal appellate court to let stand its recent ruling that the defunct aggregation service Power Ventures violated a federal hacking law by “scraping” Facebook’s site.
The social networking company wants the court to reject arguments by the ACLU and other digital rights groups, who have asked the court to reconsider its ruling. The ACLU, Electronic Frontier Foundation and others argue that the original decision could have far-reaching consequences — including the prosecution of users for sharing their passwords.
Facebook counters in papers filed late last week that the dispute with Power “involves especially uncommon facts,” and therefore “certainly isn’t the case for issuing broad guidance.”
The decision, issued last month by a three-judge panel of the 9th Circuit, stems from a 2008 lawsuit by Facebook against Power Ventures.
Power aggregated data from a variety of social networking services, enabling people with accounts through MySpace, LinkedIn, Twitter and other services to access all of their information from one portal. To accomplish this, Power asked users to provide log-in information for their social networking sites and then imported people’s information.
In late 2008, Facebook sent a letter to Power demanding that it cease and desist accessing the site. Power allegedly continued to draw on the passwords that users had provided in order to access their information.
A three-judge panel of the appeals court ruled last month that Power violated the Computer Fraud and Abuse Act by continuing to access Facebook after receiving the cease-and-desist letter. That law, which provides for private lawsuits as well as criminal penalties, prohibits anyone from accessing computers without authorization.
Power has asked the 9th Circuit to reconsider that ruling; the EFF and ACLU are backing the request.
The rights groups argue that Power never “broke into” Facebook’s computers, because users voluntarily gave their passwords to Power.
The organizations also warn that the decision appears so broad that it could lead to prosecution of people based on password-sharing. “At root, the panel fails to tie its decision back to any alleged computer break-in,” the organizations argue. “In so doing, the decision threatens to turn innocent Internet users into criminals on the basis of password sharing.”
But Facebook says the appellate judges dealt with the “egregious” facts of the dispute, and not “hypothetical” questions about activity like password sharing.
“The typical couple sharing an online bank account, or an academic researcher studying an internet platform, hasn’t first received a cease-and-desist letter demanding that they keep out of the computer system,” Facebook argues.