> AFAIK he didn't hack JSTOR. He downloaded papers en mass using a guest MIT account that had legal access to JSTOR.
Potato, potahto. Or, like kids these days say it, "corporate wants you to find differences between these two pictures...".
Fact is, from the POV of the legal system, "using a guest account that had legal access to" a system, but to which (the account) you didn't have legal access, would typically be seen as hacking. So is running curl in a loop, if it results in you getting sued for it. So is just guessing the URL (e.g. incrementing a user ID in a GET query param), if it lets you access things you shouldn't be able to.
Yes, it's not aligned with how technology works. But it is aligned with expectations of behavior, which is what the law is really about.
> Fact is, from the POV of the legal system, "using a guest account that had legal access to" a system, but to which (the account) you didn't have legal access
I don't think that is accurate.
He had legal access to the account. The account had legal access to the service.
The argument was that downloading articles en masse was an _abuse_ of the service, which was a violation of the Terms of Service and therefore a CRIMINAL ACT.
Potato, potahto. Or, like kids these days say it, "corporate wants you to find differences between these two pictures...".
Fact is, from the POV of the legal system, "using a guest account that had legal access to" a system, but to which (the account) you didn't have legal access, would typically be seen as hacking. So is running curl in a loop, if it results in you getting sued for it. So is just guessing the URL (e.g. incrementing a user ID in a GET query param), if it lets you access things you shouldn't be able to.
Yes, it's not aligned with how technology works. But it is aligned with expectations of behavior, which is what the law is really about.