To be fear, they did not just publish a negative blog post about WeWork as the title may suggest, but somehow obtained proprietary data WeWork probably sees as a trade secret.
As I understand it is currently unknown where the author got the data. If WeWorks published this in a publicly available API it is of course reasonable to chart it, but if the author somehow misuses the access he got as a tenant there, this is not (in my view) just an issue about the author publishing a negative blog post as the title indicates.
it's my understanding the API they used was undocumented, so while it's WeWork's fault for not doing a better job securing an API that seems sensitive to them, it's also disrespectful to do something that you're pretty clearly not wanted to be doing
IANAL but you can be in trouble even if the data is openly available but the party managing the data deems it restricted in any way. I believe this is the reason security researchers get in trouble: they access data that is considered restricted and get prosecuted for "stealing" it.
I think the logic to that is something akin to: its illegal for you to take my car even if I leave it unlocked with the keys in it.
michaelbuckbee|9 years ago
Where's the line between "scraping" (prohibited) and reading (allowed) of the API data?
japaw|9 years ago
aji|9 years ago
pm90|9 years ago
I think the logic to that is something akin to: its illegal for you to take my car even if I leave it unlocked with the keys in it.