Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Actually the CFAA would say otherwise as far as someone using it without agreeing to your ToS.


after verifying on Wikipedia I can only conclude that you somehow misinterpreted my comment, as it addresses misuse of api by circumventing authentication, rate limits etc.

That's entirely unrelated to unauthenticated and public APIs and their possible ToS relevance.


That's not how it's been interpreted in courts in the past, they've taken it to mean that a violation of the terms of service can be a violation of the CFAA, https://www.rcfp.org/scraping-not-violation-cfaa/

Some cases have been found to not be a violation given a public API, but in the case of sync like this, it is not a public API. It's a public facing api but it requires authentication (the keys in question) in order to be used, this means that using google's keys without authorization from google to use them for that purpose would likely be seen as a CFAA violation by the courts.


Absolutely, and I said said the same thing in the original comment.

You can't have an account without agreeing to the ToS, so it's definitely a violation.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: