Slashdot Mirror
Should You Break TOS Because Work Asks You?
An anonymous reader writes "My boss recently assigned me a project that was all his idea, with two basic flaws that would require me to break multiple web sites' Terms of Service (TOS). Part requires scraping most of the site, parsing the data and presenting it as our own without human intervention. While we're safe on copyright issues, clearly scraping like this is normally not allowed. At times it might also put a load on those sites. The other is, for lack of better words, a 'load balancing' part that requires using multiple free accounts instead of purchasing space and CPU time for less than $2,000 USD per month. The boss sees it as 'distributed' computing when in reality it's 'parasitic.'
My question is: am I wrong about the ethics? If I do need to walk, how best can I handle it without damaging my reputation and future employment opportunities?"
My question is am I wrong about the ethics?
You don't even have to ask that question, this isn't even one of those interesting cases or gray areas. What you're planning to do is wrong--even though you could probably escape any legal ramifications. It sounds pretty clear that this site creates profit from these overly priced accounts for information that you obviously value at some amount. Getting it for free (regardless of the TOS) could put you at some risk for litigation. Using the term "load balancing" or even "distributed computing" is hilariously misplaced here.
If I do need to walk how best can I handle it without damaging my reputation and future employment opportunities?
Look, I understand what's it like to be looking for a job when the economy is bad. If there are forces keeping you pinned to this employer, I don't know of them. What I would retort with is "How can you keep working this job without damaging your reputation and future employment?" I mean are you going to put in your resume that you coded a technically innovative but bandwidth stealing parasitic botnet to duplicate content from a website that asks for a monthly payment to normally access it at that volume?
I would suggest you propose the $2k/month route and if your boss balks at it, start interviewing with other companies. If you have to leave and you're worried about being blacklisted as a 'whistleblower' (and your boss just might be that kind of guy) then tell him it's for monetary reasons that you're leaving and wish him the best of luck in his future scams.
My work here is dung.
...ask a lawyer.
Did the contractors on the Death Star deserve to die?
...you build a system that closely relies on this nonstandard (and unsupported) method of getting information, they change it and it breaks.
Either by accident, or because they spot a load of particular access patterns from your address, figure out what's going on and intentionally break it.
Wait until he takes credit, then create some problems. Put in a user agent string identifying your company... have the distribution not quite equal... Just do a few things to tip off others and sabotage his brilli
and it doesn't sound like anything illegal, just a bit questionable maybe. I say count your blessings you even have a job in this economy and do it unless you feel you are breaking the law. I don't have my copy of the ACM code of ethics, but this seems pretty borderline to me.
Resign now!
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
If you can access it, it was designed to be accessed.
What your boss is trying to do is not unethical, just cheap. And to be honest, doing something at a lower cost and achieving the same results is actually good business.
So you can either be on board with your boss, or you can acquaint yourself with the unemployment line.
If your boss asks you to do something illegal, don't. If he doesn't agree, you should probably be looking for a new job, already. If he's willing to play these kinds of games with another company, what makes you think he won't do the same to you?
You can quit, whiner! If my boss asked me to rob a liqueur store, I wouldn't conduct a poll on the police fraternity league website first. I would quit and then report him.
No. By your own admission you think its wrong. Next?
Okay, this one is simple. You know what is right and what is wrong. The reality is that 99% of the folks will do what the boss asks without even raising a fuss. The reality is that you will be damaging your career if you don't go ahead.
Now, the other reality is that shit flows downhill. That is, if this project gets questioned, the boss will claim ignorance, and put the blame on you. Your job is to cover your ass.
Email is a good documentation tool. "Clarify" the request, asking if this is what he intends for you to do. Remove the emotion. Put in only facts. Put in a piece about your not being sure, but this may be a violation of terms of service. Ask if he wants you to proceed. Forward your sent email to a personal account.
By the book. This one is so simple that it should be in the FAQ.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
I am definitely not at your place, but I would avoid doing such unethical & unfriendly stuff. Rememver, that such kind of behavior would follow you much more that your boss. In a few couple of weeks, your boss's name would have been forgotten, but your name would be remembered and associated with such kind of behavior. A few years ago, I did a web crawler, above Larbin, to measure statistics on web pages. I tried to have it be web friendly (i.e. robots.txt aware, and not to much load on a single site). However, I suppose that you are in the USA and I guess the employment situation is bad there, so I understand you want to keep your job. But try to also keep your reputation (which lasts longer than a single job). Good luck. Regards.
"My question is am I wrong about the ethics? If I do need to walk how best can I handle it without damaging my reputation and future employment opportunities?"
Well, you can escape most of the "consequences" of doing something like this [basically none] by virtue of being a simple programmer.
I was just following orders is the good way to go. Make sure you document everything, including your objections.
Real engineers on the other hand, do not have such a simple recourse.
Does your boss understand that what he is asking is unethical and possibly illegal? If not, try to explain it to him.
If he won't listen to you, you should probably start looking for another job.
If you can access it, it was designed to be accessed.
So you're totally behind email spam, you don't think spam should be considered unethical, let alone made illegal?
"What other people think of me is not my business." IOW, is how others see you more important than how you regard your own integrity? Do the due diligence yourself. If the website owner's TOS do not allow what you are trying to do and you do it anyway, what does that say about your 'reputation' as a whole, to yourself, and the people whom most care about you? - stevieb
I work in health care, so maybe it's different in your industry, but every hospital I've worked for has had a compliance officer with an anonymous 800-number for compliance questions. This is DEFINITELY the kind of stuff they want to know about.
And make sure you have a clear chain of emails showing this was your boss's idea.
Things like this always fall apart in the end. People who are greedy and short sighted in one respect are always greedy and short sighted in other ways that eventually bite them in the ass.
Someone will come along, see the idea, and will invest a small amount of cash in their own, and end up with something much better in the end.
That person may even be you.
What I worry about is this:
I can't see you being able to do that without getting into hot water later. Even if copyright is OK it is still dodgy.
Your boss is a fucking idiot. Pay the money. It will all be blamed on you when it is inevitably unavailable one of these days.
The fact that you are phrasing that in terms of stepping non eggshells tells me that you need to be looking for another job and reducing your stress. These ideas that you have presented from your boss are s-t-u-p-i-d, and they will almost certainly come back and bite you and not him. I'm afraid you'll have to be honest and blunt.
Regardless of your decision in this matter it has the possibility of changing your opportunities elsewhere... that is, if you tell your future would-be employer. My question is, why would you tell them either way? Even if you "do the right thing" do you really want to wear that on your sleeve in your next interview? I think that kind of thing is just asking for trouble.
Have a prospective employer questioning your ethics or lack there of in the interviewing process is going to throw up red flags. It's a question best avoided all together.
Dedicated Cthulhu Cultist since 4523 BC.
Nothing ruins your reputation more than working against your boss (as long as he demands nothing illegal from you.) You can discuss other options with your boss, and if your arguments are solid, you might convince him. What you have to realize though is that he's the boss and as such he makes the decision. Do not keep on about it.
If you can't convince him and you're having moral qualms, quit. If you stay, do the job.
Fix it. He wants to do something on the cheap and look good. But the way he wants to do it is going to fail spectacularly. And when it fails, so will you. If this puts any amount of load on the services it is using, it will get picked up by the service provider. Maybe not today, but it will. And then the accounts will get turned off and possibly your IP addresses blacklisted, and then it all goes away. So give him a better solution. If he is balking at the $2k/month find a cheaper service. There is almost always one. Compare the cheaper solution to the time spent fixing it when the free service cuts you off. Provide examples of free service cutting people off.
And unless you are looking for some very specific information, I would expect someone to provide an RSS feed with something similar that is supposed to be used for this sort of thing.
Every time I'm told to do something stupid (which is probably about 10 times a day at this point), I carefully outline in writing why I think what they want me to do is stupid and/or illegal, present that to management, and then do it anyway. If you are a programmer, you are not employed to determine whether something is legal or ethical or not. However, if you see your company doing stuff like this, it might be a good idea to look for a new job. Bad management does not limit itself to any one area of idiocy, and you don't want to tie your survival to a business that behaves that way.
Sure thing. Your boss sounds like the kind of ethical guy who would accept the consequences of any illegal or unethical actions, and he totally wouldn't let you take the fall for it instead.
Oh, and can I interest you in a timeshare? A bridge, perhaps? How about some prime Louisiana real estate?
Why would your reputation get "damaged" if you walk off a job because of this if employers claim to "only check date ranges" for references?
Only YOU can decide how far you're willing to go for your job. You're essentially asking us what your own ethical limits are.
SJW: Someone who has run out of real oppression, and has to fake it.
Even if your boss doesn't care about the ethics of this scheme, he probably does care about ramifications to the business. What happens when you get caught? All your development work will have been wasted because they'll shut you down at the very least. There's potential for a lawsuit, which is an expensive proposition even if you win. Damage to your company's reputation may make it harder to do business. And as another poster already mentioned, this isn't exactly a gem of a project to put on your resume.
Our employee handbook covers this very nicely in the "Standards of Conduct" and "Professional Responsibility" sections. To wit:
CORPORATE INTEGRITY
To maintain the confidence of the public and customers we serve, it is essential that all
employees of (company) adhere to the highest standards of business ethics and
employee conduct. We must all strive to create a work environment based on trust,
respect, integrity, responsibility and honesty.
We must all remain alert to possible violations of the law, regulations, or business ethics
anywhere at (company). Any questions or doubts that may arise regarding a
particular situation should immediately be brought to the attention of a supervisor,
Senior Management or the President.
In general, when conducting business on behalf of (company) you should use
common sense and apply the following "S.L.I.P." test. Remember, think before you act.
- Scrutiny: Will my actions withstand public, media, legal and/or organizational scrutiny?
- Legal: Will my actions violate applicable laws, regulations and/or (company) rules or policies?
- Interests: Are my actions in the best interest of (company) and the public?
Will any party, including myself, stand to gain an undue advantage?
- Performance: Are my actions consistent with the proper performance of my duties?
I think that failing 3 out of 4 probably makes this a no-no.
Having been put in a position once before that an employer asked me to do something I found to be frankly quite lacking in a moral nature here's what I ultimately decided to do.
After considering the work for a while, both why I didn't feel like performing the work personally and why the company desired this functionality I finally decided to do the work, but inform my boss and his boss that I was uncomfortable creating this before hand and giving them clear notice of the whys.
Firstly I did the work because it was simply my job and I had signed onto the job. It's something a *lot* of people might not have given a second thought to creating, obviously as they both had no problems with the work since they asked me to continue even after raising my concerns. Secondly because it wasn't really "that bad" and having steady income of cash dolladolla bills allows me to have nice things like somewhere to live and food I wanted to see if it was something I was over-reacting to.
After completion? Yep, I still felt like shit. So I gave them my notice and told them in the my resignation letter why I was leaving and referred them to the early notification of my objections. So, for me, it was a good learning experience about myself and having done it in this manner I have no problem explaining it to future employers as my reason for leaving this particular job.
--- I do not moderate.
A website's "terms of service" are not the Ten Commandments. They're not laws, or even moral rules. They're just what one company wants you to do. You don't work for them, why do you care? If they notice and complain, it's your boss's problem, legally; and morally, I wouldn't lose any sleep.
Only thing to do is cover your ass and get your boss to put his instructions in a memo so he can't blame you should problems arise.
Really "scraping a website" is not a moral question on the scale of collaborating with Nazis. It's a business. Other businesses are your rivals, not your friends. They'd fuck you over in a minute.
I told you to scrape Slashdot, not read it. Now get back to work!
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
Not sure of your jurisdiction, but Ryanair (Irish low-fares carrier) is currently suing two companies that use 'scrapping'/crawling for travel aggregation comparison services. Details in the wikipedia page: http://en.wikipedia.org/wiki/Screen_scraping - see section on 'Legality'. Could be something to keep an eye on. The load balancing part however sounds dodgy as.
I don't think you are, actually. Harvesting somebody's data and presenting it as your own (which I'm sure is what you're planning to do), presumably expensive data like stock prices, research data, or whatever, is still plagiarism, and would probably not be looked upon well in court. They could argue, for example, that you're counterfeiting their "product". Or it could be seen as a form of industrial espionage, I guess. You're not terribly likely to get caught, mind you. At least you weren't until you posted this on Slashdot and told the internet "O HAI, if we, your competitor, mysteriously publishes terabytes of useful data in a week, we probably nicked it from your website."
No kidding!!! What do you say at this point?
The whole idea sounds pretty scummy, based on your description. Multiple free accounts? yeesh.
So why don't you just ask the webmasters of the sites you're about to scrape? I'd bet the site owners would settle for a few hundred per month to provide you with data in whatever form you require. And it's cheaper than the $2000/mo. for a server, etc. (If these sites are "bigger" than what a few hundred a month would buy, then you damn well better ask (see below).
Ask your Legal department about this as well. They can be extremely helpful in stopping hare-brained ideas like this. If the websites in question are big enough to take action against this, YOU'RE the one left holding the bag, not Mr. Bright Idea Guy.
WARNING: All of this assumes your boss is partially sane and reasonable!! If he's a jerk, you are hosed. I'm sorry.
Have a little chat with your in-house counsel. Not in the "OMG my boss is making me break the law!" but in the "Look, I want to make sure we protect ourselves" way. Better yet, do it via email so it's documented. Then your counsel will go have a little chat with your boss telling him what an idiot he is.
If I were you, I'd try to dissuade my boss on the legal and ethical grounds, and then I'd start trying to find a new job. Violating ethics is one thing, but your firm's violating another firm's terms of service could cost your firm much more than they're saving, in legal damages and lost reputation. If your boss has higher-ups, he could be sacked, or he could try to shift the blame onto you, so you could be sacked. Some companies have a lawyer on staff, or on retainer, and this is the guy/gal who really ought to be pulled into the question.
Beyond the legal and ethical considerations, there is the pragmatic consideration that if you are scraping someone's site and the load is noticeable, the "host" (to use your parasitism analogy) is going to take technical measures to stop it. This means your stuff is going to break and be unreliable. That's not going to be good for the company's bottom line.
For yourself, besides the question of your reputation and future employment, you have also to consider that if your boss is willing to do this to others, he is probably willing to do something similar to you. It's a question of when.
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
You're getting paid to do a job, and you're not going to be personally liable should anything go wrong anyway. Why bother having an ethics dilemma? Are you really going to walk out of your job over violating the terms of service of a few web sites?
It's not your job to worry about the ethics of the situation, that's probably not even your boss's job -- it's somewhere in your corporate legal department, the Board, or an Ethics or HR department perhaps. But not the programming department. Unless you're a member of ACM, in which case you're encouraged to voluntarily abide by their code of professional ethics, just do what you're being paid to do and ask fewer questions.
Given that nobody will be injured by your actions (you can't use 'just following orders' to justify war crimes, etc.) there's no problem. And if they sue you, the boss and the company are going to be at fault, but not you personally.
If you even need to ask, you've already demonstrated a trace of ethics.
Now, sometimes having such ethics will mean you have to make difficult choices. And nobody else can make those choices for you.
While ethics won't pay the mortgage, "Reason for leaving the previous job: I was asked to do something illegal and, when I queried this, was given the ultimatum to do it or get out. I got out." is probably a heck of a lot better than "The company had to sack me after it transpired I'd done something illegal" (emails to CYA notwithstanding).
Because, make no mistake, the fact that your company has done this will get out.
We'll help you. Just send us the link to the pages yer scraping, and we'll SlashDot them out of virtual existence. Then you can:
a) Demonstrate what will eventually happen when their scheme is found out
b) "Suggest" to your boss that you need a raise, because this isn't "extortion", just "power brokering". I'm sure he'd understand.
c) Tell him "Klaatu, berada nikto, muckerfother!"
d) Remind him that you only wield this power for good
I'd have to guess they simply haven't figured out how to distribute the labor across many free workers yet. I believe it's called "crowdsourcing".
Shit falls downhill. This mantra cannot be overstated. You must always remember that, at the end of the day, the shit will _always_ fall downhill. If a bad/illegal system is implemented, it will not be the fault of the person who requested said system - it will be the fault of who implemented the system.
How should one deal with this situation? It depends. Do you feel sufficiently confident in your job that you can say "no" without being fired? Does being fired scare you (will you be able to make ends meet and put food on the table without the job)? Do you think, especially in this collapsing economy, that you could find a new job if you lost this one? Is this even a job you want to continue with? We don't know the answers to these questions - only you do. But, regardless of the answers, you must remember that shit falls downhill. If things are going to go bad, you will get the blame. If you can accept that then go for it. If you can't, then make other plans.
Sure it will, if you tell people exactly what you did.
Resumes are for listing your skillsets, not whether you agree with the ethics of your employers.
Pro: If the stuff hits the fan, the boss could say that he didn't know you did that and that it's your fault. Make sure you have email records printed at home that say that 1) you don't recommend this because it violates the terms of service, and 2) he says he doesn't care and to do it anyways and that he will be responsible, not you.
If you have that, then at least you can pass the blame to the truly responsible party. And no, I don't think it's wrong to do something illegal where the only damage is financial as long as you are absolved of the responsibility for your actions.
Con: Still, I would seriously consider looking for another job, because while the reality is that this type of illegal action is very common... things have a way of going very, very sour for the developer job-wise if and when they finally get caught.
stuff |
I was once asked to decompile a piece of commercial/non-FOSS software in my workplace. I reminded my employer that it was very likely illegal to do so. As a result, I was viewed as someone who was not a "can do" employee. Not suprisingly, I found work elsewhere.
If I was running the website that you were scraping and I saw a repetitive bandwidth spike to one location - yes these people do check - the you can bet an investigation, change or block would be forth coming and then your Boss would have no data at all.
The same applies to "load balancing" which is obviously stupid, short sighted and plain wrong.
My first option would be education of the (PH?) Boss with emphasis on what could go wrong, how easily and why.
As a general rule, management is an unethical occupation. You have been asked to do something that you know is wrong and have been put in the situation where if it's brought to the light of day and makes the company look bad, you will be used as a scapegoat.
In this situation, even pointing it out to you "boss" would make you a "non-team player".
In your shoes, I would drag my feet on it and find new work asap.
Source: Prior experience with one of these "corporations".
He can't be paying you that well. Chances are you can get paid more elsewhere. Time to walk.
For some reason I refuse to use either spell check or the spacebar properly.
"Compliance officer" in an IT business... you crack me up. You should take your show on the road.
Hospitals have compliance officers because a) they're regulated, inspected, etc. and b) people can die and they can be sued to Kingdom Come.
The IT business is about as regulated as Somalia.
I piss off bigots.
If the employer can't afford hosting what are they doing to pay your salary?
Oh that's apparently somehow covered by the yearly Charity Employee Voluntary Organ Donating Session where you can volunteer marrow, a kidney or a lung. They didn't give all the details though.
May contain traces of nut.
Made from the freshest electrons.
I don't know how much you're getting paid. But, given the time it would take to create and maintain such a system, when you could be doing other things for the company, I kind of doubt it's going to save them much money anyway.
I know of someone who got caught up in something like this and here's the case for it... http://calorielab.com/news/2006/07/24/more-cowbell-diet-web-site-the-daily-plate-caught-borrowing-calorie-data/ I do not know what the final outcome was for all of this unfortunately.
Dedicated Cthulhu Cultist since 4523 BC.
There are two items here of possible ethics violations.
1) Scraping the web sites.
2) Using free accounts instead of paying money for space.
Scraping the websites has two problems:
a) It crosses the ethics line. It is in fact stealing content.
b) Technically it is a very short term solution because you are relying on an interface that you don't control. Are you going to change your code every time they change the web pages?
Consider in detail the maintenance cost of this. It might be cheaper to ask the web sites to provide some kind of a feed for you and you only build the interface once.
2) Using free accounts does not sound like such an ethical problem but it is still a short term technical solution. These accounts do not exist for your corporate solution, they are not guaranteed, and their interfaces can change at any time. What is the cost for maintenance of this? What is the risk cost for this ?
Sure you need to look out for your job. However you should be able to negotiate providing evidence that the maintenance and risk costs to your firm outweigh the benefit of the current solution.
If you can't do that because you don't know how, then learn.
If you can't do that because your boss won't listen, then do the project and get the hell out of there.
Your resume does not have to be all inclusive.
Uneek
Your boss is asking you to commit a felony. You probably do not want to do this.
Send your boss this email. Print off two copies: put one someplace safe, and then walk down to Legal with the other.
... This will almost certainly torpedo your relationship with your boss, but if he's asking you to violate the CFAA then you don't have much of a relationship with him anyway. Your company's legal counsel will jump all over this and make it clear to your boss that (a) he's not allowed to violate federal computer fraud laws in order to make a buck, and (b) he's not allowed to exact retribution against you due to various whistleblower-protection statutes.
What makes you think you're safe on copyright issues? You didn't mention what you're scraping, but if it's somebody else's expression, your company could have a very big problem.
Depending on a number of factors, Terms of Service are legally binding, so there are going to be legal problems for you there.
How big of a company are you? Do you have a general counsel? If you do, you might want to raise your concerns with him/her. Are you a public company?
When I have been involved in hiring decisions, a big question is whether we can trust the candidate. So, candidates that talk about how bad their last employer was naturally raise a question about what they'll say if they leave us. BUT, I would actually be more inclined to hire somebody who, when faced with an ethically questionable activity, went through the right channels to resolve the problem and eventually decided to leave rather than compromise his integrity. You can still say "Overall, it was a great place to work, but I was asked to do something severely unethical and I chose to resign instead."
To treat those TOSs as the useless virtual toilet paper they are. While the particular terms of services you'd be breaking might not be so unreasonable, the whole idea that someone can impose an obligation on you for downloading a web page is offensive.
Your application sounds pretty shady on its own, but just tell your boss that and do it anyway. When the web sites you're scraping start feeding you false data (or just 501 errors) and making your company look stupid, you can say you warned them... especially if you did so in writing or at least e-mail.
I once worked for a company that did the same parasitic hosting thing. Eventually they sold to a bigger company for millions. But the founder cheated his employees out if their stock options. He had revealed his true character early on, but we foolishly believed that it would not be turned against us. We toiled endless uncompensated hours writing the much more complex code required to do what we called "weasel sharing". Your boss is an unethical crook. Get out now before he has a chance to cheat you too, if he hasn't already.
What the heck? How many free hosting accounts were you planning on managing, that you could replace $2000/month worth of hosting? Even maxing out a fully dedicated server comes out to less than a third of that, and I really doubt you would need all that firepower. Some companies cost more than this, some cost less, but either way... $2000 seems like too much.
$nice = $webHosting + $domainNames + $sslCerts
Part requires scraping most of the site, parsing the data and presenting it as our own without human intervention. While we're safe on copyright issues . . .
I'm not sure you're safe on copyright issues. Is the information you'll gather in the public domain or somehow not subject to copyrights? IANAL but, I suspect if you parse and transform the format, it's still infringement.
You mention that you'll have to violate the sites' TOS. Just a few months ago, the federal government brought criminal charges against Lori Drew for violating Myspace's TOS. slashdot.org
Does your company have a legal department? If so, raise your concerns diplomatically in writing and recommend to your boss that he get the lawyers to sign off first. This might make the whole problem go away.
Interesting that Slashdotters who by and large rage against DRM are on the side of not scraping website content due to ethical considerations. Doesn't anyone see the irony?
Don't emphasize the legal/ethical aspects of this issue. S/he won't be listening, and won't care. Emphasize the practical aspects of the issue - the site cutting you off, the possible problems of parasitic computing re the owners of those computers not being under your direct control. If that doesn't convince him/her, then discuss the legal problems.
Comment removed based on user account deletion
One of the questions we ask when we hire at my company is: "Tell me about a time when you face a value or ethical conflict at work. What did you do and what was the outcome". Now, you don't know the outcome yet, but frankly, I would applaud your efforts (at a minimum) for recognizing that this isn't right. Whether or not it's illegal isn't the question. Someone once said "it's not illegal until you get caught". Well, hang on for the ride. I can see your boss asking you to acquire counterfeit copies of software next. He's only a heartbeat away from that request. In summary - run, and run quickly. The economy may be in the toilet, but there are always jobs out there for people with high standards and ethics.
tell the site you are scraping, anonymously, that someone is scraping their site. it is plausibly anonymous, since someone out on the wild could notice. your boss will get an angry email and have your ip blocked from further scraping. then tell the hosting company, anonymously, that multiple free accounts are being used. this might not work out as well, since this is info a random person could not get. but you can hint the hoster in anonymous ways that allows them to discover the deceit
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
My company's market cap is in the $6B range. They still balk at paying $349 for a license. Instead, to finish a project I had to take my own license to install the software with the understanding that they would purchase licenses later. Needless to say, they never did.
They won't pay the $49/year per server for a piece of encryption software.
They won't pay $25/instance donation for the 10 or so instances of an OS in use.
So I no longer bring in my licensed copies. I no longer use my license keys to download updates. I claim ignorance when the software breaks and there's no support.
I've always worked at places that were victimized by scrapers, rather than the other way around. In the early days, I'd track 'em down (where possible), and try to extract some measure of satisfaction by confronting the miscreants with their misdeeds.
In my experience, most people don't even think it's wrong; in their minds it's the same as hotlinking an image. It's not their problem if the people on the other end don't protect their data. And anyway, if we didn't want the data stolen, we shouldn't have posted it on teh interwebs in the first place.
So I'm a bit amused at the sudden vehemence of the Slashdotters who commonly decry all DRM and all attempts by copyright holders to protect their IP. I would have thought the community would have come down on the other side of this issue, but I guess music and games are different from websites, photos, and other scrapable data.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
There's absolutely no conflict here, moral, legal, or ethical. Keep your job, keep your head up, and learn from it.
The data are published on the WWW. Since when do ethics preclude using anything besides a browser to access them? Yes, there are technical drawbacks and technical defenses; I'm not sure your boss's idea is a great long-term strategy. But if bad system design were unethical, Microsoft would sell a lot less VB.
The TOS are one company's attempt to control how you use their information. Are they enforceable? Do they actually care, if you don't republish? And why is that your concern? That's why your firm has management and lawyers.
You're not poisoning milk here; you're acquiring data for commercial purposes. Get to work, and let the legal beagles sort it out.
"direct mail has a cost, therefore spam should not be allowed because it's abusive"
That was your point, paraphrased.
Care to try something that makes sense now?
No, I predict you'll say something like "that was not my point" despite the fact that it's there to be read, so denying it is useless.
And then of course you'll attack me because that's what you do to people who point out you're wrong.
Tell him that the very next-to-best case scenario for him (the "best case" scenario being that they never notice what you are doing) is that they notice what you are doing and blacklist you from connecting to it ever again. If at all possible, give him an estimate on the likelihood of that occurring. Point out to him very plainly that if or when this outcome occurs, then what he is asking you to do now will be all for nothing. If the chance of legal ramifications is not negligible, you should also mention that as well. Document everything. If he still wants you to proceed, then polish your resume and find another job because if he's too cheap to pay 2k a month for a service he thinks he can scam off of for free, he's probably too cheap to want to continue to pay you in a few months time, after he figures he's got what he needs from you.
File under 'M' for 'Manic ranting'
Using multiple free accounts? Automatically reading a webpage? Sounds like something I wouldn't lose sleep over if I were doing it for my personal use. There's nothing inherently immoral about breaking a ToS, in fact some of the things they put in those are immoral. It's not illegal to break a ToS either, but it can get you banned from the website. It's really just... cheezy. The main problem here is that these are temporary solutions. Fine for a one-time operation, but you can't rely on them past a month. If it's something your company wants forever, they'll have to pay you to keep doing it/updating it, and deal with the downtime everytime the website changes or the free service closes your accounts.
not to be too harsh, but this is your work place, you are getting paid to do as you are asked. get off your high horse and just do it.
portfolio
You asked the question in a leading manor and have got odd responses as a result:
'Scrapping' pages is exactly what the Internet archive or Goggle do, this is common and generally accepted practice (look at the amount spend on SEO). It is also assumed that these operate without human supervision and do not need to read or compile with the human TOS of your site. Critically spiders should compile with the 'robots.txt'. If you do this you have the moral high ground. If you don't then it can be interoperated as criminal under the laws such as the Computer Misuse Act.
Similarly no one suggests that everyone using gMail is a parasite. Most 'free' services come with a very explicit contract detailing their allowed uses. If you compile with the contract you are fine, if not, you are again breaking the law.
Probably more importantly, this is almost certainly a bad business discussion:
Given that you as an employee have judged it as ethically questionable you can be fairly sure a significant proportion of your clients are likely to feel similarly.
Even if you are complying with the contract from your free service you are almost certainly not getting a SLA in return. If the supplier decides your business is dodgy, or you are putting too much burden on their system they will shut down all of your accounts without warning or reprieve. Constantly battling this is likely to cost you more then the hosting in the long run.
Page scrapping is very unreliable. Even when the source site is cooperating they invariable break it on every edit. What will happen to your business when the source site detects your scrapping and decides to serve goatse to your spider, and hence your clients?
IMHO what your boss wants is maybe not polite or nice but isn't really unethical. It is cheap, though.
I do share your disdain, though, as I have a boss who is equally cheap. Not for resale products we get on a discount for evaluation/testing purposes end up being used to support our internal production network, generally making them unavailable for what they were intended, getting us up to speed on the real thing.
I extract my revenge, though, by bugging the product reps for an additional unit on loan for testing by telling him (on the QT) that my boss is using ours for our internal production network. Sometimes I get the extra loaner in sympathy, sometimes I don't, a couple of times the product rep panicked the boss by telling him that the rep's loaner is in use and we needed to bring our own to a key sales demo (which was impossible without killing our network).
One guy mercilessly badgered the boss over the location of the NFR unit and it was hard not to laugh as the boss stammered and lied badly, since it was hard to explain why it wasn't available when the only people who should be using it were in the same room.
Maybe the story submitter needs to screw the bosses plan by emailing the site maintainers and explaining he doesn't like doing what he's doing and see if the site maintainers will submarine the bosses plan by canceling accounts.
The only thing to remember is that if you lose your job today, good luck finding another for a long, long time.
Illegal? Running a screen-scraper isn't illegal.
Neither is waving a gun around... on a film set, or in your own home. Try it in a busy street or place of business and see what happens.
This isn't just "running a screen scraper", and you know it.
Law is very simple in comparison.
If they don't provide an API for their data, they're asking for it. It's as simple as that.
Even if you don't want to tangle with the ethical issues, ask your boss how he feels about the app constantly going down and losing data because the "parasited" service deleted all your free accounts.
One being absolved in the eyes of the court does not mean one is truly absolved of wrong-doing. It just means that the court determined that the action(s) did not violate the societal code of law. It does not mean that one did not violate moral law.
I use irony whenever I can, but my shirts are still wrinkled...
And it is only monday....
She made the willows dance
There is an obvious problem when a boss asks you to do something unethical, but there is something else to consider. One good way to rise in a business is to work for someone who is "going places" and willing to take people with him or her. At very least, it is good to work for someone likely to get promoted if there is a chance to move into their position. Frankly this bozo or bozette does not sound like someone who is going to climb the corporate ladder. At best this is a short-term scam, and the boss can only look good for a short time before the wheels start coming off this project. At that point the boss and everyone associated with the project will be tarnished. If the boss owns the business and is running this type of scam, then there is not much future in this business.
Should I be against spam for any other reason than I am annoyed by them?
Your argument might have carried some weight back in the mid '90s when spam was new and "a lot of spam" meant 30 or 40 messages a week.
The damage caused by spam is not mere annoyance.
The direct cost of spam was already outrageous by the end of the century. At one point in the '90s I was being charged $750 a month for excess traffic, just from the overhead of *rejected* spam. i had to drop whole *countries* at my router to get that under control. It's gotten to the point where spam is the overwhelming majority of email out there: less than half of one percent of the email connections to my server are for legitimate mail. That is, for every legitimate message, over 200 spams have to be handled, one way or another.
And even the SECONDARY cost of spam... things like incorrectly bounced and dropped mail... has long since passed 'unacceptable' and is now accelerating full tilt for the edge of the economic universe.
Ten years ago "I don't think spam should be any more illegal than billboards, flyers, or direct mailings." was a bad analogy, mister "Bad Analogy Guy". Now... you're either trolling or improbably naive.
Maybe a solution to this problem is to go higher up and see if another person in your department at a higher lever thinks it's O.K. to proceed. If so, then you know that if you don't change jobs, you'll be in for a lot of resistance. Personally, there is no way in hell I would do that for my boss. It's just plain wrong. But it's always good to see where everyone else stands in the company, just so you are not shocked at the ramifications if you decline, and try to go higher up for support on your position.
Reminds me of a time when an Ebay'er was pointing to images on my website for an automotive auction. Didn't ask us or give us credit for the images. So, his example of "recently restored examples" became a photo of a '63 Imperial being loaded into a crusher.
How's that for Crushing the Competition?!
To Copy from One is Plagiarism; To Copy from Many is Research.
Please explain how you are safe. If you scrape other people's website, then, generally, other people own the copyright to said information. Unless the website has nothing but public domain information, you will be violating other people's copy rights. Even on /., "Comments are owned by the Poster" so if you scrape this comment, you would be violating MY copyright.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
And it's soooo web 3.0.. go for it. :)
Burn karma, burn..
I would try to convince your boss what he is asking is wrong and that you must do it a different, legitimate way.
I'm not sure if you are a software engineer or not but we do have a code of ethics.
If you see an ethical violation it is your duty to tell the company you work for they are or are about to make an ethical violation. If you do get a bad reputation for this hopefully the new company you are going to is ethical and you can point out that the code of ethics required you to do what you did.
I don't know if this comforts you any but you could point out that the code of ethics prohibits a supervisor from punishing someone for pointing out an ethical violation.
Here is a link to the code of ethics. http://www.acm.org/about/se-code
That is a SURE-FIRE way to NOT get hired next time.
Look, you are an employee of a corporate: protected by its immunity.
You are an agent of the corporation: The Principal (Corp) bears the full responsibility for its orders to you.
If those orders are illegal, and you declare you obey them without knowing they are illegal then the corp is responsible.
Most probably when the FBI or MPAA raids the corp offices you won't be charged: you can't be.
The max the feds can do is to offer you protection for testifying against your boss.
"Doing what i can, with what i have." ~ Burt Gummer
No, I do not "get it", if "getting it" means singling out a one form of an accepted practice simply because it differs in scope to its relatives.
Why not? You have two similar, but not entirely analogous actions. One is vastly more damaging than the other. Why SHOULDN'T they be treated differently?
Differences between spam and direct mail:
Direct mail: pays the Post Office more than it costs to mail, and subsidizes first class mail.
Spam: pays a fraction of its costs, and often pays nothing, and is in such quantity that the majority of the cost of running a mail server is dealing with spam.
Direct mail: is limited by economics. The costs of a direct mailing, including materials, postage, and mailing lists, is upwards of 50c per address... and often several dollars per target.
Spam: has no economic limits, since the cost is negligible... and if it's sent by a botnet that cost is born by secondary victims.
Not analogous at all, when you compare them. No reason to treat them the same.
My employer asked me to do something that was unethical, and likely illegal. I asked to hold off on implementation until we could consult company counsel on the legality of it. Boss and director said "No. Do it. Now." I made my case, said I'd be happy to keep working there, or not, but I'm not going to do what they're asking me to do in this case.
The next day I got my walking papers. I felt more liberated than upset.
I've now worked for two scumbag marketing companies and I'm thinking it's probably best, if you have a conscience, to avoid them like the plague.
Just because someone doesn't put up a mechanism to prevent this, doesn't mean this use of their system is authorized. If they have a policy, either in written TOS form or something automated like robots.txt, and you violate it, this could be considered unauthorized access under the law, and you could personally be held criminally responsible.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
What is it about what you are doing that makes you think you are safe with respect to copyright issues?
if i were the "website" you're scraping i find it hard to believe it would go unnoticed.
I'll warn you once or twice about it, then over the next weekend
create something nice in my OSS webserver that replaces your
scraped content with pro-taliban rhetoric and dancing goatseman.
I'll then forward all of your frantic phonecalls to my FOSS astycrapper.
Good people go to bed earlier.
I noticed you left out phone calls. Perhaps that's because you realize there are legal limits to sending unsolicited information. In the case of billboards, mass mailings, and fliers, the seller/marketer bears the cost of the communication. A person does not need to accept a flier that is being handed out. People can opt out of most mass mailings, or dump the unopened envelopes when they arrive. Billboards, while often obnoxious, don't require that I deal with them (I need not look), and most cities and states are regulating the number and size of billboards already. Spam can make a user's email inbox unusable. I know two company execs who have stopped pulling email messages on their BlackBerry devices because the volume of spam they receive makes it impractical to use the devices for email. Unlike those other forms, spam can have a documented negative impact on consumers, and on the carriers (ISPs and mail servers).
You likely don't list phone calls because legal precedent is clear that consumers don't need to accept them. Unlike the other forms of mass communication, telephone calls are considered an imposition on consumer rights and privacy, so consumers may opt out (proactively with the "do not call" list). With cell phones, it goes further, since incoming calls can cost the consumer money, and Federal law already protects cell phone numbers from unwanted cell-call-spam (this does not protect cell users from solicitation calls from vendors with which they already have a customer relationship, or in cases where the consumer has willingly waived the right not to receive those calls). Email still costs some consumers money (those on dial-up and those with limited plans, few though they may be), and the volume involved also creates a quantifiable burden on consumers. [Care to wade through the 300+ spam--not subscription messages or vendor updates--that I receive a day across my various accounts?]. Email spam also creates additional burdens for the carriers and companies that host web servers. Unlike the postal service model, where the bulk mailers pay to have their messages delivered--including all intermediary post offices, spammers send their crap across countless servers that are overburdened due to the flood. These devices require additional hardware resources, often additional support, and additional software expense to try to eliminate that crap that is coming across the wire. Then, remember that the majority of spam is sent from compromised bot machines, which are illegally accessed and used to send the crap... The "ordinary person" principle would apply here. An ordinary person would see a problem with that.
The fact that you don't makes me wonder if you are (have been) a spammer, or if you provide(d) support services for that economic machine. If not, I apologize for what is perhaps the greatest of insults (suggesting that you are a spammer). If so, you just prove yourself to be outside of the mainstream of society.
I use irony whenever I can, but my shirts are still wrinkled...
I think you need to realize that there is a big difference between business ethics, ethics in e.g. politics, and ethics between ordinary people.
In business there is no such thing as "ethics" as a self-standing concept. Except perhaps in a company's Code of Conduct, which is only ever meant as a piece of PR material. Everything is relative to the long-term and short-term business prospects. The time period being dependent on the length of tenure of the manager who takes the decision. If it's a course of action likely to generate a net benefit within that time-frame then it's "not unethical", otherwise it's probably "unethical".
Any action that's not outright illegal *and at the same time* very much open to detection, is acceptable from a business ethics point of view, and therefore "not unethical". Things that are illegal and likely to be found out are "unethical" (provided the damage they do is not exceeded by the revenues they bring). But only because they're likely to harm the company under the above-mentioned timeframe, and for no other reason. I just thought I'd make that clear.
So I'm sorry to say that my advice is: cooperate fully with your boss and keep him happy.
You may however wish to engage in a little CYA practise, just to guard against the possibility that if this little caper is found out and embarrasses your company, your boss may or may not be replaced but *you* probably will be blamed for carrying out something that you ought to have known is unethical. You are the one with the specialist knowledge after all, right?
If anything, your boss might even claim ignorance as a defense and blame *you*, the specialist, for not alerting him.
So yes, send him a polite and low-key email explaining (briefly) why you believe that this move might be less than beneficial to the company and suggesting that he consider an alternative (if possible give him one). That's all. Having sent it, get busy with the screen-scraping.
Do NOT in any way or form mention the word "ethics", "ethical", or even worse "legal". If you do, you'll create an immediate conflict (because you imply that (a) you know better than he (b) that you're telling him how to do his job and (c) that he's acting unethically or even illegally and (d) if you produce it later, your *then* boss will see that it's less than helpful) because your boss will know instantly that you are preparing to shift the blame on him, and only engaged in a CYA exercise.
Oh, and by the way, you will need to be able to prove you sent it, so (depending on how much power your boss has on email retention) make an unobtrusive backup of your out-box on a CD a week or so after you've sent it and hide the CD.
Brian, come to my office. We need to talk.
Then shut up and do as your are told.
If you don't, then refuse and get fired for insubordination.
Pretty simple really.
---- Booth was a patriot ----
My former boss asked me to make some data public that was in a user's private folder, after the user quit the company. In the contract that the user signed it was mentioned that no such data could be accessed without the user's permission.
Write an email to your boss, expressing your disagreement with his request and that you're willing to do what he asks you, but under protest. Then if your boss replies that he agrees with that, you can do what you've been asked to do without you being responsible.
Disclaimer: i got this advice from a lawyer, but check with the law in your country before taking this advice.
You obviously have different ethics from your boss. I'd start (quietly, very quietly) looking for another job NOW, while diligently working on the project you have been assigned to.
If it looks possible that your project will go live before you have another job, I would, as tactfully as possible, e-mail your boss with a clear statement of your concerns, and bcc your home account for permanent record. If he wants to proceed, you're just doing a job, I don't think it is incumbent upon programmers to start a crusade every time they see something that they think might be unethical (even though many programmers do this anyway.)
And, to reiterate, NOW is the time to find that next step in your career path. Try for better salary, benefits, etc., but if you find a straight lateral move, I'd be tempted to take it rather than continue working for a slimeball. What I see is that he values your time and effort less than the $2000/mo account - and, as other posters have said above, you're likely to be re-coding your page scraping very very often - which, when it happens, is going to make you look bad, i.e. boss says: "oh, he can't code anything that works for more than a few weeks...", which he either a) is a big enough moron that he actually believes himself (most likely), or b) he simply is giving you a rat-trap job to make you look bad.
My first boss after school hired me, then a few months later started to feel threatened by me and a couple of the other guys he brought in (yes, he really was that out of date and apparently unable to keep his skills up.) He started a campaign on me, giving me project after project and pulling me off before I could finish. After he had a pattern of 4 "unsuccessful" projects I had worked on, he pulled me in for a firing meeting. 5 years later I had his job, a few months after that, he retired. That was a unique situation where I had direct access to his boss, who recognized more or less what was going on. In a bigger place, I probably would have just moved on.
Somebody once pointed at a picture of a frosted birthday cake on my web site from a forum. So I grabbed my image editor and built a special edition of the cake just for him, where the frosting read "Don't link to my images!"
I also have a specially crafted JPEG which is under 1000 bytes but which produces a 20,000x20,000 pixel image filled with black. It will totally screw up the layout of any page linking to it if they haven't entered an explicit size for the tag.
If you mod me Overrated, you are admitting that you have no penis.
Your employer doesn't have the right to ask you to place yourself in legal jeopardy in this way, and if the sh1t hits the fan do you really think that someone that came up with this scheme will balk at placing all the blame on you.
Absolutely. That's why you should agree to do the work, but because of the increased risk to yourself, you should ask for a "little something extra" under the table, just between you and him. A wad of hundred dollar bills passed discretely in a handshake, for example. "I help you, boss, you help me?" is a good phrase to clue him in on the situation and what's required for the project to continue. ...or perhaps he may rethink how he wants his workplace to operate?
I worked for a similar company, that continually operated in the "dark gray" area of black and white. I often noted the situation, proposed a high-road workaround, and sometimes they agreed, sometimes they didn't.
Eventually I got fired.
Its been two years out of work in a VERY shitty economy. Its wiped out my personal savings, my marriage is having a tough time, and my confidence & health is in the shitter. I'm a good worker, and good at what I do. I'm not perfect, and don't pretend to be. I'm probably just like most everyone else here.
If I had it to do over again, I'd smile and say, "Yes, sir!"
If this happens enough to bother you, then look for another job on the sly, but don't stick your neck out.
While researching unemployment benefits (unrelated to my job, thank goodness) I found that many states have a very small set of circumstances that let you quit your job yet collect unemployment. Being told to do something that is illegal/immoral/unethical is actually one of them in the state I was researching.
Since this is kind of a grey area here is how I would look into my options.
With these things in hand you have a decent chance of being able to keep to your morals, not take a big financial hit while looking for new work with more ethical employers, and possibly flag this place as somewhere that doesn't play well with others. I suggest this course because simply saying "Quit and work for someone better" sounds great but is not very practical in reality where you like to sleep indoors and eat cooked food.
You'll find that we've all had to suck it up and do something we know isn't the correct course of action but generally that doesn't include something ethically wrong. Mostly it's a matter of knowing that what the company wants to do isn't going to work but also knowing there's nothing we can do about it.
(note: IANAL, and the following comment only goes if such things are illegal. if not; just refuse because violating TOS is asking to be kicked out, which will reflect back on your customer service. anyhew:)
Why are most people focused on the CYA part, and not even remotely thinking of simply refusing to do it?
Note that I am not against covering your own behind here, you can do that even when you refuse, in case things escalate.
But the fact of the matter is that in the end, you are willfully taking part in illegal ventures, and if you can't be prosecuted for that just because your boss told you to, the law needs to be fixed. If he can fire you for refusing such an assignment, the law needs to be fixed too.
Subject says it all
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
If unemployment benefits come anywhere close to what you're making as salary, you need to get a new job immediately. If you've got sufficient "computer skills" to post on /., you should be making more than double what unemployment will pay you (at least, this is true in the great state of Florida, I believe it is similar across the US).
I started working with Kelly Blue Book in California, and was asked to strip copyrighted information for use as their own. The second day on the job, I began inquiring about how legal this was, and I was told at the end of the day not to come back to work.
Sure, it was only two days worth of work, but I'd rather not be involved in something unethical or even quasi-legal when it comes to business. Some scars can be hard to hide.
My take on this is that, though your assignment has spawned an ethical question, the reality of the situation is economic.
Your boss believes that it will cost him less to "scrape" data from the website and use multiple free accounts than to simply pay for the data access. This may be true at first, but, ultimately, this is false.
On the off chance you've not scraped websites before, I'll tell you that this is extremely error prone. So, while this may work initially, you'll be constantly chasing down bugs in the process.
Based on your description I assume you'd be automatically logging into their systems before scraping the data. What if their login process changes? What if they restructure their website? What if they add a captcha to the registration and login process?
My point is, what your boss wants to do is, to use Steve Job's recent phrase, a bag of hurt.
I'll bet that given enough time, the cost to your company in terms of your salary to build and maintain this application will be greater than the cost to actually pay for the data and create a dependable connection.
Don't forget to factor in what it costs you when your users see bad data or error messages due to the process breaking.
It'll cost less to do it the right way. So forget the ethics of it and educate your boss on the economics of it.
Email the boss, and BCC that email to the company you plan on leeching. That way--you've clearly placed the blame on him, and you get a shiny new boss in the end.
As someone who works for a web company that is full of high-demand listing information, we are constantly having to deal with this kind of activity. Any site with dynamic data that is in demand will already have a procedure to deal with the kind of activity you are driving to it, as they have almost certainly dealt with it before. In our case, we have a network appliance that can detect if you are a scraper based on your traffic, and then serve you a "you've been throttled" page. In short, your script will be an exercise in futility. Here is a better solution for your company - contact the source of the data, and offer to purchase a feed from them. Chances our they will be willing to comply to keep you from loading their website with stupid traffic. You will end up having to pay money, but at least your process won't break. You should suggest this to your boss at least. A side note: your peers will definitely frown on your actions. If I knew a person behind this kind of activity they'd get branded scarlet-letter-style.
There's nothing inherent in spam that says, "Hey, I'm accessing a computer illegally!"
Even before botnets, spam was unacceptable.
The damage caused by spam was already clear a decade ago.
The fact that there may be spammers who are not using botnets is a straw man. They do not have clean hands either.
If you have any doubts about the ethics, then you should go to law school. Not to learn about ethics, but because you've already shown they don't really matter to you, which is the main requirement to take the LSAT.
The TOS isn't a contract.
I wouldn't want to play musical lawyers on that basis.
http://yro.slashdot.org/yro/08/07/07/1824228.shtml
See: http://www.dilbert.com/strips/comic/2008-10-27/
I was asked by the president of my company to conduct espionage operations on a CEO of a company that he wanted to buy us. I simply said no. A few months later I was let go, I'm not sure if it was related. Would I do it if I thought it would keep my job, no. It was against my ethics, and I would never commit a crime. I'm a good person.
They also asked my coworker, a young college intern, and he was excited by the idea of getting to conduct espionage, but he wasn't certain if he should. He asked me, and I tried to talk him out of it, in the end he decided to tell them no as well. Or, at least, that's what he told me. He could have been working on it for them anyways.
I loved working there, and I wish I still was. I really enjoyed the work, if not the people.
Not abiding by a website's TOS is not "illegal". At most there could be a copyright violation, because you're making a copy of their copyrighted data without a license to do so. Which is a civil matter and not a criminal one. (No quibbling responses will be allowed that sometimes copyright violation is a criminal matter. This is almost never the case.)
But this is an "at most". It's 95% probable that the scraping is not "illegal".
Do what you boss wants, but anonymously tip off the sites that you're scraping and having multiple accounts with. Let them deal with it legally.
That way, when it fails, you can switch to the paid accounts. Which, BTW --- $2,000? Where the fsck are you hosting? For that price I can get 6 quad dual core servers in the cloud with 8 GB of RAM each. That's A LOT of free accounts.
Maybe if you presented a cost-effective alternative your boss would jump for it?
When faced with situations of moral or legal ambiguity on a personal basis like this, your decision to 'go along' with the scheme will be influenced by multiple factors. Many companies try to instill a large bit of 'team spirit' into the operation as a binding agent. Seems to be specially prevalent among the shysters. Cue the Enron employee conversation regarding screwing over "Grandma Millie" on her electric bill and remind yourself that there was an entire corporate mindset that involved thousands of people, all pretty much resolved that it was a noble mission to screw people over as badly as possible (with special glee reserved for those most damaged). What more would they have done, and how far would they have gone in pursuit of money and career position if they were already laughing at the suffering they were inflicting on OLD PEOPLE??? Business ethics like that result in individuals robbing the entire nation's (world?) banking and finance industry, and then for kicks getting the government to hand over the treasury as a 'reward'. You pull off something that crass and evil in the business world and they'll fly you and your minion off to a half million dollar holiday weekend in the Bahamas. It often boils down to how much internal dissonance you can tolerate versus your ability to otherwise provide an alternative for providing Maslow's basic hierarchy of needs and what level of suffering you are willing to go to in regards to your personal integrity. Enjoy.
This ain't no upwardly mobile freeway This is the road to hell
There is some case law support for enforcement of web terms of service. It's a complex topic. For discussion, see http://hack-igations.blogspot.com/2008/05/google-privacy-policy-terms-of-service.html and http://hack-igations.blogspot.com/2008/02/contracts-for-patient-privacy.html -Ben
Benjamin Wright, Dallas, Texas, benjaminwright.us
If you have to ask "is this ethical" it isn't.
Why do people, especially tech-savvy people, believe that having an email record is "proof" of anything? It's just like accepting faxed copies as good as originals. In this day and age, this stuff is SOOOOOOO easy to fake!
If email was considered proof, I could prove that my boss offered me a $2M bonus for keeping quiet about his gay love affair with the CEO. Unfortunately, it wouldn't hold up past the first glance.
If you want proof of submitting your claims, do it the old fashioned way... use the legal process. "You've been served". Short of that, it's all hearsay.
MadCow.
I used to have a sig, but I set it free and it never came back.
Does the furniture in your workplace consist of folding chairs and tables? These duct tape and popsicle stick type projects tend to become maintenance nightmares...
Make sure you use your boss's name and email for all contact information on the user accounts you setup for the scraping.
We are the 198 proof..
In the mid nineties at Jackson State, I took a course on marketing ethics that highlighted some prominent examples of large corporate malfeasance in relation to marketing. A noted example was marketing of high priced baby formula to third world countries by Bayer. I also had a post-grad class on management ethics that highlighted a case where a large defense contractor deliberately downsized the brakes on a military jet to save a few dollars, thereby knowingly risking the lives of the flight crews. The troubling thing about these courses was the emphasis on how the whistle blowers always ended up suffering. It was STRESSED that you should NOT be a whistle blower. I was specially critical of this message, given by a white life insurance agent (doubling as college instructor) to a predominantly black audience (graduate class at Jackson State University). As the only other white guy in the class (of 20), I questioned this teacher's ethics in carrying such a message. His answer to my concerns? "These young black people have a hard enough time in business without going on a crusade of justice and righteousness within the business community". He was right I suppose. The young black students needed to be indoctrinated with the idea that white folks have set-up a business ethic that believes it's only illegal if you get caught, and then, we'll have our cronies cover the mess you make. American business schools seem to be in the business of making sure that you can suppress whatever humanist values you hold that would be a hindrance to the organization. They teach that the values of top management are loyalty over all. I wonder how many of my black classmates got suckered off to Arthur Andersen when they were heavily recruiting minority employees way back then? LOL. Enjoy.
This ain't no upwardly mobile freeway This is the road to hell
This Monkey you call a boss obviously knows this isn't kosher so your real question is "Why is it me" not "Should I do this". If you are the only one who can do it then you must ask "Will he throw me under the bus if this blows up in his face?".
Not abiding by a website's TOS is not "illegal".
We'll see. There's at least one case where violation of a TOS is being argued as "unauthorized access to a computer system". This one is still in the pipeline, but I sure wouldn't risk it.
See http://yro.slashdot.org/yro/08/07/07/1824228.shtml
1. This design is clearly unethical, because it violates the TOS of the subject web sites.
2. It may be unlawful, but the company should consult its lawyers on that.
3. The design won't work for long. Web sites change page formats very often, so screen-scrapers require a lot of unscheduled maintenance programming.
So the thing to do is to express your concerns, in written form. The memo should say:
Re the first application:
1. The proposed design appears to violate the TOS of the subject web site. Because TOS agreements are a form of legal contract, we should consult the company lawyers before proceeding.
2. The company that runs the web site may discontinue the site, change the screen formats, or feed invalid/wrong data to the application. This will make our application unreliable and prone to unscheduled outages.
Re the second application:
1. The proposed design appears to violate the TOS of the web hosting site. Because TOS agreements are a form of legal contract, we should consult the company lawyers before proceeding.
2. The cost of developing the distributed application, and maintaining it, will probably exceed the $2000/mo that would be avoided.
3. If we go ahead with this development, the web hosting site may discontinue the free service at any time.
Finally, the memo should ask for a go/nogo decision on each of the two projects.
If the decision is "go", in writing, then don't worry about it. If it is verbal, reply in writing to confirm that verbal communication. In either case, update you resume.
If the decision is "nogo", take credit for saving the company from potential liability. And, of course, propose an alternate design.
I used to work in customer service for a fairly large e-commerce outsourcing company. We broke the TOS's given on our websites daily. The terms of service were basically thought of as best practices. If you wouldnt break them, you wouldnt be there for more than a day, but most employees never even read them.
"A claim for equality of material position can be met only by a government with totalitarian powers." Hayek
Spam is unsolicited broadcast messages to people you don't know.
It doesn't matter if you offer an "opt out" option or not... giving people "one bite at the apple" with an opt-out mechanism doesn't change the nature of the process, because there are too many potential spammers for "one bite" to scale. In the average city there are at the very least tens of thousands of businesses, organizations, and activist individuals who can make a good case that they should have the right to spam you with a valid "opt-out" address. On the Internet, every city on the earth is next door to you, that's millions of "legitimate" spammers... if "one bite" was acceptable. That's just not manageable.
If they already know you, if they already have some kind of relationship to you, that cuts the number of entities that can make an argument that they should be able to send you a single opt-out message from millions down to dozens. THAT's manageable.
That's the difference between a legitimate (if possibly annoying) email and spam.
When best-buy sends you an e-mail about their latest deals, that's spam.
It may be spam, or it may not be. If you gave them your email address in the course of your business relationship with them, it's not spam. Because you're not someone they don't know.
I've been in a similar position, scraping part numbers and sales data from a manufacturer's website.
Basically if they had offered a proper database account we could do all of the data pulling The Right Way(tm). Instead we are forced to strong arm the information out of their website instead (and that was NOT violating the TOS for that particular instance).
Fix the problem at the root: have the company open up its data in the appropriate format (possibly with a small fee) and their customers will be able to get the information they need without maligning the web server.
-keless
I was recently in a similar situation where I had to choose. I worked for Hixardt Communications (in Pensacola, FL) - they are a pretty small "IT Firm".
I started seeing complaints come in to the abuse box from the upstream provider (Southern Light) about spamming from the Hixardt network. They were the scam-type "click here, you've won something". Apparently, the morons at Hixardt allocated 4 /24 networks to only 6 systems to spam from hundreds of fake host names.
Southern Light gave these guys these ranges with the provision that they would not violate their ToS against spamming. Well, the owner of Hixardt and his buddies decided to do it anyway and received a 3 month letter from Southern Light that told them to stop it or pay them for the addresses. I was expected to help Hixardt out of this situation by moving them to Cox and lying about the # of addresses needed. I refused and was fired by Mike Hicks. But, at least I can sleep at night.
Either a sock puppet or someone who is improbably naive.
But your fuel tax pays for the road that goes in front of the billboard. So yes, you ARE paying to see that billboard.
You would pay the same amount whether the billboard was there or not.
The electric company is using the taxes and profit from YOUR electric bill to run poles and wires to that billboard
No, the billboard owner is.
They're also paying property taxes, usually at an extremely high rate, as well as up-front fees.
If they don't pay tax and power bills in your city, talk to your local representatives.
Sure, it's immoral, and you're violating the other website's TOS. That, however is completely irrelevant.
What is relevant is that any feed you use that isn't backed up a valid contract, can and will disappear at random times, sometimes permanently, as well as contain data you weren't expecting and be missing data you were expecting.
Ask your boss how happy he'll be when the domain owner sells to a spammer and his scraped data is now "Male Enhancement" ads instead of weather data.
To paraphrase
"My boss tells me that my job requires me to kill people - is that wrong? Should I do it?"
This is a nobrainer.
I once worked for the Department of Employment Security. They sent me to two weeks of school learning the system. I worked one week before they laid me off. Of course, by then I knew all the rules for getting unemployment and managed to double my claim.
Basically the issue is this: If you quit, then the onus is upon you to prove you quit for cause. If you are fired, the onus is upon the employer to prove you were fired for cause. Within those two parameters anything can happen, and a lot depends on whether the former employer tries to fight it. Whether or not your weekly check from unemployment is enough to pay your bar bill, having gone through the process of claiming unemployment may help you with a legal paper trail that may be useful in the future. Your former employer may wind up trying to bite you, and your furure employer may have questions. The paper trail can help you prove your case.
How about a moderation of -1 pedantic.
Hi:
Being someone who has collected such benefits in the recent past, I can say that this is not a good alternative.
Given a choice between getting paid 1/3 of my salary or being unethical, I would choose the latter.
Although I would do my best to negotiate my way out of it.
The first steps are fine, but I would not recommend you to take the option step of blowinging the whistle unless you really feel strongly about the site or people you "victimize" and see it as you moral responsibility.
If you accept the job and then turn around and blows the whistle you have acted maliciously against your employer. They may have questionable morality but the fact is that you have agreed to work for and being loyal to them, don't sink to their level. They might even have legal grounds to sue you if they find out since you clearly have willingly sabotaged their business.
The only way to take the moral high ground here is to first try to make them change their mind and if that doesn't work refuse to take part in the scheme or at least demand in writing that management take full responsibility. Yes, that could have very bad consequences too. I don't envy your situation, I've been there myself a few times and have not always made decisions that were smart or made me feel good in the long run...
Of course, if things went far enough I would blow the whistle, but I don't get the impression this is one of those cases. It would be a totally different matter though if you weren't working for them or in any other way had promised your loyalty. In that case I would recommend you to blow the whistle as a concerned citizen.
The TOS aren't (usually) legally binding. IANAL but they can only cut off your access. As for the ethics, it's for your boss to worry about because he/she takes the responsibility. You can point out your concerns but ultimately it isn't your decision. If your boss listens to your concerns, but disagrees. That's fine. If your boss chews you out for not being a team player or won't even discuss the issue, then that is a better reason to quit than some ethical dilemma.
You can quit over it pretty safely, because in many states employers aren't allowed to speculate why you quit when being called as a reference. But I wouldn't quit unless there were some other factors that make you unsatisfied with your job. I would be willing to suggest that if you want to quit over something like this that you're just looking for a reason to quit, and that you either figure out why you don't like your job and keep it or quit before you get fired over something stupid/careless.
It's not like they are grinding stray dogs/cats into dog food, or hiring overseas child sweatshops. Your ethical issues seem to rank pretty low compared to the real shit that happens in business.
“Common sense is not so common.” — Voltaire
I say build the scrapper. Then after a week or so make it break yourself. Inform your boss that they discovered your scrapper and fed it false information. Also include that finding it once so quickly implies they will find it if you attempt to perform a work around. Then tell him it would be dangerous to continue less he wants legal actions taken against him. Finally recommend against using this method again for the previously discussed reasons.
The ombudsman is there to represent the interests of the employer. He protects the company interests by adopting a neutral, sympathetic tone. He is there to collect and address grievances from the staff and recommend solutions. Whenever possible a good ombudsman will arrange a win-win situation. But if the situation dictates that either the company or the employee lose, the ombudsman will do his best to act like the employee's trustworthy friend while ensuring that the employee loses.
An ombudsman could be clever and underhanded. A slimy ombudsman could, for instance, recommend an employee talk to a recommended "stress management expert" -- then in an eventual trial the company could smear him in court as an unhinged loony undergoing therapy. Now obviously this would violate the ombudsman Standards of Practice, but guess what? Company's don't hire ombudsmen to adhere to some Norwegian Social Democrat's "Standards of Practice", they hire ombudsmen to make problems disappear and to prevent them from happening in the first place.
Example of Ombudsman BS: My girlfriend recently went to her company's ombudsman to complain that the aerobics instructor the company had hired was batshit. The ombudsman immediately broke confidentiality explicitly violating his "code of ethics" and the personal guarantee of strict confidentiality he gave her. The ombudsman casually revealed her complaint to his secretary, even though he was told that his secretary and the batshit aerobics instructor were friends. The angry and still batshit aerobics instructor confronted my girlfriend about this after the next aerobics class. And the ombudsman never got back to her.
If you are being victimized by a line manager in a way you know upper management would disapprove of, going to the ombudsman might result in a positive change. But even in that case you still might be better of talking to your own lawyer.
If you have been victimized by your company and are considering seeking legal remedies, get a lawyer. The ombudsman is not your lawyer. If you belong in a union, then your union may be willing to assist you, but they might sell you out. Ultimately, only your lawyer is your lawyer. 99% of the time the ombudsman is just a person who acts really sensitive to your issues and tries to assuage you with sentimental cliches.
But if you think it's unethical, it probably is. You can still try to explain to the boss why it's wrong and if he makes you choose, well, you get to decide.
For me, I'd have to leave. You boss sounds like a sleaze and people like that aren't worth your loyalty, as most of the time, they have zero loyalty to you. If he will screw over people he doesn't know, because he doesn't want to pay them, why do you think he wouldn't screw you over if it directly benefited him? Get out while you can.
People need to learn to have principles, and just because it's not, as one reply put it, 'grinding stray dogs/cats into dog food', doesn't make it any less wrong.
At the end of the day you have to live with yourself. Can you do it in good conscience? If you can't then you probably shouldn't.
The only thing necessary for the triumph of evil, is for good men to do nothing.
Can you post the URL?
Get the corporate legal counsel involved. If your firm is large enough to have an in-house attorney, this is really easy to do. Just tell your boss that there are certain legal risks to the company from scraping and you are going to talk to the corporate counsel to make sure your doing it the right way.
If you work for a large company, it's highly unlikely anyone objects to asking legal. Large companies are very CYA and no manager wants a paper / email trail where an employee said maybe we should ask legal for guidance and the manager said not to do it. Smaller companies there can be more resistance because they have less of legal/regulatory compliance mindset. If you frame the issue as you need to protect the company from liability, it's harder for your boss to object.
If the attorneys say 'ok' and you still have ethical issue with it, then you have to decide whether you want to work there.
If you post information on Internet, you allow users to use it the way they like.
I would also add that getting raw information from a website is a feature that, if missing, is completely ethical to add. There are countries where reverse-engineering for the goal of enhancing interoperability is legally protected (Scandinavian countries) I see this as just an occurrence of this principle. It may not be legal in every country but I see it as clearly ethical.
Oh, by the way, by reading this you agree to send me your life savings and your first born. Cownboyneal has your IP, he will send you a notice shortly.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
The problem may just resolve itself.
My sig sucks.
Assuming you mean the 20000x20000 jpeg, it appears to be circulating the net as a file called "dontloadthis.jpg". Here is an example.
If you mod me Overrated, you are admitting that you have no penis.
OP was asking for options. This is one if he can't work there but doesn't have another job lined up immediately. 1/3 of an income (it's more in my state, btw) is better than 0 income.
This was more in response to the "Just quit dood" kind of answers that continually crop up when there's some kind of job dilemma. Having another job lined up immediately is nice but not necessarily possible. And staying there means working on the project.
So before the unemployment insurance compensation gets dismissed out of hand realize it's one of many options. And it was one he may not have considered since most people think you can only collect those benefits if you're fired.
If they pull the "answer by phone"-trick then I'd say you are deep into FUBAR country and you need an ally if you are to stay at the company.
The very best solution is to interview like crazy and jump ship ASAP, in fact, this is step 0.
Even if it's not possible to get a single smoking gun email from the boss, start needing clarification on many simple details, be sure to include incriminating info in every email, so when the loathsome bastard gets into the habit of answering the simple questions you will be able to build proof that he knew full well what was going on.
You need to realize that the evidence gathering will only be useful in getting the bastard fired and keeping yourself out of legal trouble, it's not going to save your future with the company.
Talk to HR, your bosses boss and/or colleagues and see if it's possible to someone on your side, once you know who you can trust start BCCing them on every single incriminating email to your boss and forward them copies of the answers. .. but get out.
So how's that JPEG compression workin' out for you when your entire palette is ONE COLOR?
No, dummy, you shouldn't do it. Ethics don't change even if your boss told you to. If you wanna get all Godwin with me than I can tell you that troops are still responsible for having followed an order if it's unlawful, that is, something like this. My point here is if you do this, you're still in trouble. Don't do it. Tell your boss it's illegal (or at least against the TOS) and that you shouldn't do it. If he still wants you to do it, tell your boss's boss what your boss wants you to do. Wash, rinse, repeat until you aren't being told to do it or you manage to find work that doesn't require you to break rules.
Google: "All your data are belong to us."
because you are actively interfering with your employers business. You are better off just refusing to do it on legal grounds (be sure to document this) and then suing them if they fire you for not breaking the law.
I had nearly the same problem. My boss asked me to do something that was questionably legal but quite unethical. I found a work around that was both legal and ethical within the parameters of what he wanted me to do but it was very inefficient. When I presented to him the completed work he told me "Next time do it my way" so I found another job, gave less than a week notice and left as quickly as I could. I felt no regrets at leaving and giving less notice than my "contract" required because they had me as a contractor and I was actually a statutory employee if they had tried to hold me to the "contract" I would have gone to the labor board and the IRS and they would have been screwed and they knew it. But you probably don't have that much leverage and my advice would be, if you can't find an ethical way to do it object to your boss and his boss simultaneously and if still ordered to do it publicly and noticeably retain a lawyer and let them fire you. I think in the end you are going to wind up leaving this company any way unless your boss is removed over this.
Why bother
Hi there. I congratulate you on your ethics. My ISP (BT Retail in UK) are involved in doing this sort of thing with a product called BT Webwise.
http://www.donottrustwebwise.org
It is installed in the ISP network, between the user and the ISP and intercepts, redirects, and profiles all the customer's browsing without their consent. If they opt in to having that profiling passed on to a company called Phorm then the results of their browsing including the copies of website pages and a unique profile of their activity is used to create a customer profile to deliver behaviourally targetted adverts. Website owners are basically ripped off with their copyright ignored. BT Retail are getting away with this, with neither police, nor the ICO interested. I see that Ryanair sued a screen scraping site in the Irish courts and came out on top. When I wrote to BT's legal team asking if they minded me ripping of THEIR websites this way, and saying that if they didn't reply I would assume their consent, they never replied. It's wrong to steal website content, as it is covered by copyright just like any other intellectual property, and the UK government have said so - but they don't do anything about enforcing that it seems.
My advice, don't compromise your principles for your boss. Quit and don't even look back.
At over 400,000 pixels per byte, I'd say pretty damned well.
If you mod me Overrated, you are admitting that you have no penis.
"When the truth walks away / everybody stays / 'cause the truth about the world is that crime does pay / so if you walk away / who is gonna stay / 'cause I'd like to make the world be a better place." -- The Offspring, "Have You Ever"
Circumcision is child abuse.
I usually redirect hotlinkers to pictures that either
a) advertise my site/interests exclusively as in "join my drum corps!"
b) show flesh in as naughty a fasion as possible, animation helps here
not because it costs me anything, but simply because I can, and it's funny to me... but the response is definately tuned to the source of teh intrusion and a forum for kids who like a certain cartoon doesn't get the tubgirl treatment while a forum for bag pipers gets worse
Here's my anecdote for your enjoyment and education: A friend worked at a cheese plant. Her job was to do QA tests - bacterial and antibiotic content of the incoming milk; protein, fat and moisture content of the outgoing cheese, etc. She was once told by the boss to falsify the reports of the outgoing product, to make it look like higher quality cheese than it really was. (No health issues, just a question of how much the customer would pay for the product.) She refused, as she was required to sign her name on the report. Instead, she performed her tests like normal, gave her boss an unsigned report with the real numbers, along with a blank report with no signature. He filled in what he wanted and signed it himself. She did experience retribution - poor performance reviews and reports saying she wasn't doing her job. I guess she could have gone to the FDA or USDA or something, but I'd bee surprised if anything positive would have happened, and she would have been working in a hostile environment in the meantime. Instead, she ended up quitting soon after, without even having a new job lined up. Fortunately, she quickly found something better and was much happier. Karma, if you believe in such a thing - she did the right thing and it definitely was the right move for her.
So my advice (IANAL) - refuse to do the work you know is wrong, prepare for a crappy work environment, and get that resume and those contacts warmed up. Because you should be in a better job regardless.
I hate to say it, but you should probably go ahead and involve Human Resources now, in order to raise your comfort level. Bring a printout of the Terms of Service agreements in question to them. Let them veto the whole thing, and you can be done with it.
Remember, TOS can be read by your boss and your HR department differently than us literal-minded Computer Guys would read it, and if they can read it in a manner that allows them to justify writing the screen-scraper, then I say follow your boss's orders.
In any case, by bringing this to the attention of HR, you have done your due diligence, and unless you are a legal expert, you can't be expected to do more than that.
In reality, you really have nothing to worry about by coding this up (as some earlier poster said). Also, screen scrapers on the web are more common than flies in a barnyard. It's far too expensive to sue your company, when they can just block your ip.
Always remember the chickens that have gone before
Instead of just scraping, why not see if you can get a deal to get a copy of the data, updated as needed. This will cause much less traffic, cpu resources etc and the other party may just get a little cash !
http://www.writeitfor.us - Writing IT for the IT generation.
So only women think that you are overrated?
Sorry, couldn't resist.
Wake up - the future is arriving faster than you think.
if fired, hire lawyer and sue the company for unjustified dismissal
Why wait until you're fired? Many lawyers provide a half hour consultation pro-bono (you pay like a $40 administrative fee). Also be sure to read what happened to Chip Salzenberg in a very similar situation, when he tried to tell his management what was going on.
You might want to have a private word with an HR rep. Make it clear that it's private, and tell them that you've been asked to do something unethical and you're not sure how to proceed. In cases like this, a company will tend to err on the conservative side and put the skids on the project rather than take the chance on liability. That should solve the problem. How to do it without revealing you as the finger man might be difficult.
If you do have to walk, make sure you get some face time with an HR rep on your exit interview.
Good luck.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
I wonder if he could anonymously tip off someone who would aggressively want to prosecute these kinds of problems; like the legal department of one of the largest sites being scraped. We've got the BSA and gpl-violations.org -- why not something for this?
Let your boss know the risk he is facing and then ask him if he really wants to risk being caught and shut down unexpectedly, or worse, finding someone has poisened his data.
It's just not good for business.
now that is an intelligent and pragmatic answer.
now one with any instinct toward self-preservation will see this is much better than the 'get it in writing', flat-out refusal, or any other threats or immature behavior rank with self-righteous indignation any other of the slashdot amateur lawyers have suggested.
here you are not only voicing your own personal concerns but you are also giving your employer more insight into the situation and making him aware of the potential risks. you are preserving your own sense of morals and at the same time helping him refine his own.
this is not only taking the high road in a sense but also showing your boss that you're on his side and looking out for him as well, rather than just being difficult. he will appreciate this.
acting as a 'whistleblower' will only get you on his shit list and cause him not to trust you. so while you're interviewing at other places you will not have his support or recommendations later on.
also, to truly be on both sides of the fence, one should try being an employer as well. not all businessmen are evil. not all programmers are ethical.
in fact, i wouldn't be surprised if half of those who are saying this man is unethical for 'stealing' the data might in another breath have no problems with downloading music illegally.
when you think about it, he may actually be more ethical, as, at least he's using some kind of loophole within the existing system rather than completely working to break something outright(like circumventing DRM.)
i'm just sayin'.
That is not an excuse, and most importantly, it is not a legal defence,actually in many industries (Finance and Banking for example) that is an admission of guilt...
IANAL but write like a drunk one.
You guys come with some ideas that frankly are astounding.
In many industries and legal localities that will not get you out of hot water at all, and as a matter of fact doing work that you think or know is illegal could be enough to make you an accomplice.
This chap should check if there are any company procedures to deal with such a situation and follow them scrupulously. If there are none, he must seek legal advice because just by knowing about this he may be already in trouble.
IANAL but write like a drunk one.
"Coded a tecnically innovative bot that leverages the proportionate cost differential of linear purchasing of services vs. the hedged risk of total price of litigation."
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
I told you to scrape Slashdot, not read it. Now get back to work!
I've only one thing to say to Anonymous Slashdot Scraper... '); DROP TABLE rippedoffcomments; -- Goodbye!
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
Unless you work for the Camorra, breaking the law or being unethical is not something that can be classed as proper employment.
You are paid to do a legal, I would say also ethical work.
Why anybody would consider legitimate to do something unethical just because one is receiving a salary is beyond me.
IANAL but write like a drunk one.
In serious companies, there will be a whistle blowing procedure, and frankly what one should do is to followi it with fastidiousness.
Such procedures will normally ensure that the whistle blower is protected.
If a company does not have such things in place then you are in very muddy waters. Depending on the industry (Finance and Banking being obvious ones) being in the knowledge that something fishy is going on puts you in hot water, and failing to report a problem may mean you become legally responsible for any wrongdoing as well. In such a company in such industries you should really talk to a lawyer (there must be very few companies like those left after ENRON, but who knows, life is full of surprises).
If the industry in question is not so unforgiving the best thing to do is to organize a tactical retreat, either to a different area in the same company or to another company altogether.
Doing something illegal or unethical is bound to end in tears and you don't want to be one of the parties doing the crying ...
IANAL but write like a drunk one.
Dire need does not give you moral or ethical grounding to commit unethical or illegal acts.
It is so simple but one needs to be a big man in order to live up to the most basic precepts of ethics and codes of conduct.
IANAL but write like a drunk one.
If your products or services end in properly regulated industries they may come after you.
This is frankly no laughing matter and the ramifications are ugly and unexpected, the easiest thing to do is not to do such stuff.
Pretty simple frankly.
IANAL but write like a drunk one.
Any company not hiring you because you are paying attention to their reputation is a company you don't want to work for anyway.
IANAL but write like a drunk one.
Not even an excuse, I am surprised how many folks around here don't even think that "doing their job" under such circumstances may be illegal.
So what do you do if they ask you to start a CD duplication business without paying the Copyright holders? You go ahead with it?
Honestly ....
IANAL but write like a drunk one.
People working for a company are immune in regards to their personal assets when it comes to pay back any debts.
In any other circumstances where a company asks you to do something illegal regulations are pretty clear: as soon as you know you are supposed to report it (either to somebody in your company designated for that purpose or to regulatory authorities, if your industry is not regulated to such extent you may still be liable and should consult a lawyer).
The "I was following orders" excuse is the lamest one you can chose to protect yourself against corporate wrongdoing.
IANAL but write like a drunk one.
IE also refuses to render it. But when downloaded to desktop, I got a thumbnail, and I can open it in Paint.NET just fine (it's actually 0x808080 rather than 0x000000). Paint.NET swallows 3.2GB of memory when I do this. Good thing I have plenty of RAM and a 64-bit OS :)
Quality, performance, value; you get only two, and you don't always get to pick.
If he likes his job or not is immaterial.
Depending on the industry and his legal locality he may actually be breaking the law, liking his job will not save him from legal trouble.
IANAL but write like a drunk one.
You would have them by their b@@@s begging for mercy in an employment tribunal....
IANAL but write like a drunk one.
Your boss saying go ahead kid, it is ok *is not* ethical, and you will not be legally in the clear in all likelihood.
I am sure you can come up with many situations that are much clearer than this (let me try one: your boss tells you to hit with a car the star developer of your competition. He even signed a paper for you. If you think you would be OK you are really silly).
IANAL but write like a drunk one.
Find another job you feel comfortable with. When you are asked why you want to quit your current job than say that your current company requires you to engage in illegal activity. Simple as that...
Here be signatures
It will totally screw up the layout of any page linking to it if they haven't entered an explicit size for the tag.
That only really works against pages that use the HTML TABLE element for layout. Paragraph wrapping is normally not affected by the width of the page (e.g. due to a single long word or image elsewhere on the page), but tables cause it to be affected. To be fair, most forums use table layouts.
The shareholder is always right.
Yeah, I was thinking of forums. You're right that on other sites it will do less damage. (It will still push everything below it down a great distance, which hurts.) In my experience forums are by far the worst hotlink abusers but your experience, of course, may vary.
If you mod me Overrated, you are admitting that you have no penis.
Link please!
Scrap is to scrape as lose is to loose.
Please update your spelling books kids!
I would do the work, get it working, then a anonymous email to the sites concerned...
Access Point Live Mapping Access Points with Google
TOSes are just words, meaningless words made by someone who mistakenly thinks they have any legal meaning.
The solution to these kind of issues is pretty simple. Tell your boss that you are concerned about the scraping causing liability issues for your company. CC your legal department contact on the issue.
If you believe CCing your legal contact when you have a legal concern is going to get you in trouble, there are real problems with your manager. You can go speak to your legal contact in private, and voice your concern. If you don't have that option, it's time to find another company.
My employer asked not only that I install "Free for Home Use" licensed software on corporate machines; but also on machines that are being sold. (We're a small OEM.)
I put my foot down. Told him that in spite of the fact that previous 'lead technicians' were willing to do this; I was not. If he was to provide me a signed letter from his manager authorizing this, and absolving all employees, I would do it. (I knew that his manager wouldn't.) Thankfully, he backed down, and agreed instead to put a link to said "Free for Home Use" software on the desktop.
If the company is sued and the blame has to go somewhere, will the boss defend you or leave you as the scapegoat? "I just told him to get me some data like this."
If he's unethical enough to not pony up $2,000 (a drop in the bucket for a decent sized company) on a lark, he's probably going to happily leave all the blame on you.
If $2,000 dollars is really too much for him to afford, and this project is of vital importance to your company, consider that your company may not be sufficiently solvent to survive and may have an untenable business model. If it's really important, a higher up will watch to make sure it gets done right.
If your boss was concerned with you, he wouldn't be asking you to do this. He probably doesn't much care about you. Many are desperate for jobs, you can be replaced.
Consider your boss'es temperment. If thwarted, will he fire you from spite? Are you in a right to work state where he can drop you "without reason"? Do you feel comfortable that if you said no you would be gone? Can you apply for a different position in the company? Do you want one? (Are other bosses going to be similar?) Is your business retaliatory, laid back or governed-by-external-regulations sort? If the latter, does your company believe you can't spell compliance without liance? (Dilbert rip-off)
Even if this is minor, what will this embolden your boss to ask for later? If your scared saying no will get you fired, consider that the sort of person who would fire you for being ethical is the sort who will use your fear of being fired to manipulate you endlessly (long unpaid hours, canceled vacations for sudden "urgent" priorities, ever greater offenses you commit under him for fear of him turning up previous things. Hopefully at the moment, your boss has no dirt on you. Keep it that way if possible.
One more important question, ask if he'd be willing to consider negotiating to find an acceptable price with the company, explaining that they likely will catch on and block you, if not sue you. That they HAVE to or someone else would siphon ALL their content and force them out of business. If he's unwilling to even CONSIDER negotiating with the other company for a somewhat lesser feed, but willing to steal it all, dump him. If he tries negotiating, they've got a heads up if he tries scraping later. If the data isn't worth his $2,000, is it worth anything to your company's customers? Will they find the original source superior? Do you add enough that if you did this legit you could compete?
If you don't agree with your boss, and your boss's boss (if you have one) is unlikely to care, then find another job, whilst working on what your boss asked you to do. You'll likely be happier somewhere else if your boss is that much of a tool. Note though that a lot of (usually small) business can be in the grey area, so you are likely to run into similar (although maybe a little more "grey") situations in the future.
If you like the company, and the world (apart from the morally/ethically questionable project, would it be an option to speak with your manager's manager?
Simply have a quiet chat and tell him your concerns, and the fact that your manager has disregarded them, although they would put the company in a position where they may have legal troubles.
Worse come to worse, you have let them know about the issue, and tried escalating it, if the manager's manager tells you to do it anyway, then I would suggest that the culture in your current employer is not conducive for an information worker - if they value another's work so little as to refuse to buy it, chances are they will not value what you do for them.
The company I work for redirects scrapers, or offers to sell the data in an easier to obtain format.
Engineering is about thinking and acting out-of-the-box
Slashdot = Sarcasm
I believe http://www.yodlee.com/ also does the same.
Slashdot = Sarcasm
Try "direct mail has a cost that limits its abusiveness more than spam, therefore it doesn't need to be restricted as much".
The other thing that'll do is get their users EXTREMELY pissed off at them when the site crashes their browser as it tries to create a 400 megapixel uncompressed image in RAM.
I had a similar thing happen to me once, so I gave them a 2MB HTML page of tags. 2MB after gzipping, that is.
Man, can you share that jpg? :D
Might want to consider pointing your boss to this thread? And if he still wants to go forward, cover your butt, either have the email thread that you have advised him that you believe that proceeding with this plan will violate the terms of service from the companies involved. or have him sign a note indicating such.
..just because you can, doens't mean you should...
I would almost suggest... no, i WILL suggest... would it be OK to - upon detecting scraping applications - to have a server-side script monkey with the page numbers? I am sure they could first download the page and then scrape it locally, but if they are scraping live, and bogging down the site, would it be legally justifiable to alter the numbers to damage their reputation?
Wouldn't this be a case of "vengeance is mine" if YOU own the data, and have screen-scrapers not paying for some fair access amount to it?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Sorry, my previous comment WAS redundant...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
One of the women on LinuxChix has a png (I think) with corrupted headers so that it makes the browser load an insane amount of memory and crash the browser. Modern browsers are bit smarter about going "oh that's corrupted, nevermind" though.
look! it's a bird, it's a plane, it's....a girl? yes, a girl browsing Slashdot on Linux
I don't know the details of what you're trying to accomplish here, so I can't comment on the legality, but it sounds like you think there are some issues, and you _and_ your boss need to discuss it with your company's lawyer (if you have one.) And you need to explain to your boss that terms of service can be legally binding, and can have copyright issues, and also that web-based data providers not only change data formats enough that your lost programming time might cost more than buying the data you need, but also that they can look for automated scraping and hand you bogus results.
The robots.txt files were originally designed to tell robots to stop doing heavy-duty queries on sites that couldn't handle it, but also to keep outsiders (especially spammers) from abusing content. And your code needs to follow robots.txt, because many many sites have robot traps that do unfriendly things to unfriendly visitors ("Nice lookin' robot you got there - be a shame if anything happened to it!") - or do userfriendly things to them.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I hope you walk. You won't be damaging your "reputation and future employment opportunities" by leaving.
You can do the project; you can decline to do the project but stay with the firm; you can walk. How much future self-esteem would each choice cost? How much would each choice affect your present circumstances? What's the best trade-off?
I seem to recall that in the US terms of service have been found to define "authorised access" to a computer, and access outside of the TOS is therefore unauthorised. That puts you in direct violation of US anti-cracker laws about unauthorised access to a computer. If more than $5,000 worth of "damage" is caused (including investigation and cleanup costs) then it carries a maximum of 5 years in the pen. If its done for gain (as in this case) then thats 10 years.
You are lost in a twisty maze of little standards, all different.
Reminds me of that guy who asked /b/ what to replace the most frequently leeched image on his site with. (in case you were wondering, the winning picture was spincock.gif)
You've already received a lot of good advice on how to handle this situation. No matter the outcome, though, I'd be looking around for a transfer or another job.
Your boss has given you a pretty good idea of where his moral compass points...which means that if this particular attempt at douchebaggery falls through, you can rest assured he'll come up with another one, probably sooner rather than later. You can also be confident that if there are consequences, he'll have a sacrificial lamb ready for butchering. Can you guess who that might be?
I've calculated my velocity with such exquisite precision that I have no idea where I am.
There are four situations
1. It succeeds. Your boss, being devious enough to foist this on you in the first place, is going to grab all the glory anyway and your efforts will be of no benefit to yourself. You'll be so sick of yourself your performance will decline, and/or your boss, knowing how easy you are to manipulate, will make your job such a living hell that you come to case 3 anyway.
2. It blows up in his face, his company gets hosed/sued/banned, you don't get the results...yada yada yada. Shit indeed rolls downhill, and as your boss has more benefit of doubt than you, anything goes wrong and you'll eat it. Again, because he was sleazy enough to foist this on you. Result?
3. You stand up for yourself, and your boss promptly fires you for insubordination, or starts cooking up bad reviews of your performance, or otherwise exacts revenge in a way that is toxic and probably fatal to your career.
4. You get in touch with someone honest enough to bring this nonsensical scheme to a crashing halt, and nobody is the wiser. At best, you get accolades for saving the company, and at worst, your boss gets vindictive at you for blowing the whistle and you get shown the door.
So either you'll get screwed on credit if it works, turn into a scapegoat if it blows up, get booted for having morals, or possibly get rewarded for saving the company.
Refusing to compromise your integrity will not cause any harm that wasn't already going to happen.
Worst case is the same no matter what you do, and best case absolutely depends on you doing the right thing.
Somebody once pointed at a picture of a frosted birthday cake on my web site from a forum. So I grabbed my image editor...
I think the whole idea of HTML is pointing to resources and not duplicating them. Do you work in RIAA or what?
Using other people's resources without their permission is not considered acceptable behavior where I'm from. The correct course of action is to find a picture of a birthday cake which explicitly has permission to copy it, then put it on your own hosting and linked to that. Using a person's birthday cake image without their permission is wrong. Linking to it on their server, well, you can do it but you're trusting them to serve up the right stuff. If they object to you taking advantage of their service and decide to change the data they return for that URL, you have only yourself to blame.
If you mod me Overrated, you are admitting that you have no penis.