Do not accept terms and conditions

No chance that would hold up in court. Clickwraps have been tested in courts and are fully enforceable.

And keep in mind that (at least in the US) the opposite of "I accept the terms and conditions" is not "I get to do whatever I want," it's "I am accessing this service without authorization, which is a crime under the Computer Fraud and Abuse Act."

If I'm on the jury, I'll make sure he walks.

The only valid agreements require the party seeking the agreement to make efforts in that pursuit. Did a human view the signed agreement afterward? Do they store that signed agreement in such a way as to be able to retrieve it if they need to contest the terms later?

Then no agreement was made.

And as for the CFAA provisions, if they put those resources on the public internet, then the public has the right to interact with them. You can't fence off the sidewalk and claim that someone trespasses when they walk on it.

I envy the rigor and time investment, but I'm inclined to agree: there are unenforceable contracts, but I'm not aware of any case in which denying t&c's while using a service deliberately was successfully defended as compatible?

I'm not a lawyer though, I'm not even that well-informed about everyday law stuff for laymen.

>No chance that would hold up in court. Clickwraps have been tested in courts and are fully enforceable.

there may be no chance it would hold up in court, but not for the reason you say. it would have be be because "any words on on a modified document "signature" line would be taken as a signature" or "subverting a clickwrap license is theft of services" or whatever.

that "agreed" clickwrap licenses have been found enforceable is a separate fact about a separate issue.

Are you implying that if a US "service" consists of e.g. publicly accessible HTTP endpoints, it is illegal to use these endpoints in the US without "accepting" some terms and conditions that the provider of these endpoints requires its users to accept before using them?

I do not understand how such a requirement would be legally enforceable for public endpoints.

Yes of course. Ask weev how the “it was publicly accessible” defense worked out.

> You can't fence off the sidewalk and claim that someone trespasses when they walk on it.

Perhaps a better analogy would be:

If you go out into a public space, you have to accept that by doing so you lose a certain portion of your privacy. You cannot expect that other people will agree to your "terms and conditions" before being allowed to talk to you. They will just talk to you if they so like.

Simply violating a TOS is not a federal crime, as long as it doesn't circumvent a technical barrier like a subscription wall. This is a new SCOTUS interpretation of the Computer Fraud and Abuse Act as of 2021, in Van Buren v. United States.

How much money, time and freedom to waste do you have to fight and then appeal this from jail then prison?

> If I'm on the jury, I'll make sure he walks.

If you're going to be on a jury, don't post things like this on the internet, even if I agree with you.

You can reasonably assume that if no terms and conditions were offered, then your use of a publicly accessible endpoint is authorized.

But if terms and conditions ARE offered to you, and you bypass acceptance somehow, then you're knowingly accessing the system without being authorized.

I really doubt this would be prosecuted except as part of some much larger misbehavior, but it is there.

It’s not like fencing off part of the sidewalk. It’s like having a building next to that sidewalk with a door. The fact that the door is easily accessible doesn’t mean everyone is welcome to come in. If the door is open that’s generally how it is. If it’s locked, even badly, entering would be trespassing. If it’s locked with a button that unlocks it, and the button says “by pushing this button you agree to the following terms,” well, that’s hard to say.

If I use wget to mirror a site and there are terms and conditions that I never see then I'm "using a public facing API while being unaware of terms and conditions".

So, then what?

That's a different situation. Those urls weren't meant for public use, and provided private information on user devices.

Furthermore, on reading the wikipedia page, his conviction was vacated.

> On April 11, 2014, the Third Circuit issued an opinion vacating Auernheimer's conviction, on the basis that the New Jersey venue was improper,[60] since neither Auernheimer, his co-conspirators, nor AT&T's servers were in New Jersey at the time of the data breach.

> While the judges did not address the substantive question on the legality of the site access, they were skeptical of the original conviction, observing that no circumvention of passwords had occurred and that only publicly accessible information was obtained

https://en.wikipedia.org/wiki/Weev#Imprisonment

I mean, the CFAA being discussed is a notoriously broad law that's far too easy to run afoul of without realizing it.It's totally possible a court could seem that illegal.

> If I'm on the jury, I'll make sure he walks.

This statement ensures you won't be on the jury.

Man, the law really needs some technical nous...

Have they been tested in court where the defendant has a screenshot of clicking through declined terms of service?

I'm not sure they're allowed to use the service if they decline the terms.

I haven't been summoned yet. If they're digging through my 10 yr old HN posts during voire dire though, I think we're in some sort of trouble that a verdict can't fix.

I think we're already there, at least regarding the trouble part :(

Semi-seriously, though, billions are being poured into the correlation of social media posts with real identities, it could be offered as an automated process for a fee that any lawyer would be happy to pay.

If I make a list of people’s private information publicly accessible on accident without their permission and you access it which one of us is liable?