well, there was a long thread about this on /r/selfhosted where @TheFrenchGhosty@lemmy.pussthecat.org@TheFrenchGhosty@libretooth.gr was saying pretty much what I said, but with a tad more mental gymnastics mostly about EU laws regarding reverse engineering and lack of a formal agreement between them and YouTube.
Unfortunately (or fortunately?), /r/selfhosted is private atm due to the blackout, so I’m unable to find and share thread link.
The facts are:
Invidious (as an OSS project) calls undocumented internal YouTube APIs (they call it InnerTube).
Anyone can host an Invidious instance.
The main Invidious instance, i.e: https://invidious.io/ received a cease and desist from YouTube.
@TheFrenchGhosty@lemmy.pussthecat.org@TheFrenchGhosty@libretooth.gr posted all about this on GitHub, reddit, their personal blog, and contacted random media outlets like the one linked here, to complain about how “we have nothing to do with YouTube, why is YouTube bullying us”. And since everyone obviously wants to give the little guy the benefit of the doubt, everyone starts wondering how it could be that a project that’s all about providing an alternative UI for YouTube, doesn’t call YouTube.
It’s like if a movie pirating website is trying to argue
“Endgame.mp4” is just a file name. It has nothing to do with Marvel or Disney. What the hell are those greedy companies have to do with us??
I’m all for invidious, piracy, etc. But seriously?
A torrent tracker doesn’t host anything either. It’s merely a lighthouse for people to know who is hosting it. And trackers are hosted exclusively in certain specific countries because of that.
I’m not sure that’s true. Most private trackers accept donations. Some even require you to buy some seedbox plan they get commission from (even though that’s generally frowned upon).
All the high profile trackers I can think of that were shutdown through legal notice (Mininova, isoHunt, KickassTorrent, ThePirateBay, etc) were all public trackers. Maybe they had ads or something on their website, but their shutdown had nothing to do with them making money. They were shutdown for piracy even though they never “hosted” any content. They were just trackers.
Hell, even Popcorn Time, a software that just let you easily search torrents and stream them, it hosted nothing, just connected you to trackers that had movies was too shutdown by legal notice.
Trackers that survive are usually hosted behind VPNs and are physically located in Russia or China.
It’s certainly possible to scrape data from interactions with a site directly, without using its API. This is even legal - there were no gymnastics in my response there. However, that decision has since been remanded, then re-affirmed, then challenged, and then LinkedIn obtained an injuction against HiQ which the two of them are still fighting over. So it could get properly overturned.
I definitely thought it seemed like it would be difficult to do this to offer a youtube frontend, but plausible enough that I didn’t look into it. Thank you for this. I’m looking more closely now :)
If they are using undocumented internal APIs, do YouTube’s API TOS apply to those? I checked the text of the TOS and it seems to me like it should apply; they say “The YouTube API services … made available by YouTube including …”. That seems broad enough to me to cover internal APIs as well, if their endpoints are accessible, but IANAL.
Also, the open response to the C&D seems to throw shade at the TOS saying “The “YouTube API Services” means (i) the YouTube API services” but ignores that this is immediately followed by parenthetical examples and qualifiers. The TOS is defining the term so that it doesn’t have to repeatedly add the qualifiers. Nothing weird about that. That’s uh… pretty bad-faith arguing, if I’m interpreting it correctly.
Edit: assuming you refer to the same reverse engineering points that they made above… yeah.
well, there was a long thread about this on /r/selfhosted where @TheFrenchGhosty@lemmy.pussthecat.org @TheFrenchGhosty@libretooth.gr was saying pretty much what I said, but with a tad more mental gymnastics mostly about EU laws regarding reverse engineering and lack of a formal agreement between them and YouTube.
Unfortunately (or fortunately?), /r/selfhosted is private atm due to the blackout, so I’m unable to find and share thread link.
The facts are:
@TheFrenchGhosty@lemmy.pussthecat.org @TheFrenchGhosty@libretooth.gr posted all about this on GitHub, reddit, their personal blog, and contacted random media outlets like the one linked here, to complain about how “we have nothing to do with YouTube, why is YouTube bullying us”. And since everyone obviously wants to give the little guy the benefit of the doubt, everyone starts wondering how it could be that a project that’s all about providing an alternative UI for YouTube, doesn’t call YouTube.
It’s like if a movie pirating website is trying to argue
I’m all for invidious, piracy, etc. But seriously?
Gday matey. The difference with Invidious and endgame.mp4, is that invidious doesnt host anything, its merely a proxy.
A torrent tracker doesn’t host anything either. It’s merely a lighthouse for people to know who is hosting it. And trackers are hosted exclusively in certain specific countries because of that.
I think the issues with trackers is they were making money out of it? Iirc the trackers themselves, if kept from making a profit are untouchable
I’m not sure that’s true. Most private trackers accept donations. Some even require you to buy some seedbox plan they get commission from (even though that’s generally frowned upon).
All the high profile trackers I can think of that were shutdown through legal notice (Mininova, isoHunt, KickassTorrent, ThePirateBay, etc) were all public trackers. Maybe they had ads or something on their website, but their shutdown had nothing to do with them making money. They were shutdown for piracy even though they never “hosted” any content. They were just trackers.
Hell, even Popcorn Time, a software that just let you easily search torrents and stream them, it hosted nothing, just connected you to trackers that had movies was too shutdown by legal notice.
Trackers that survive are usually hosted behind VPNs and are physically located in Russia or China.
It’s certainly possible to scrape data from interactions with a site directly, without using its API. This is even legal - there were no gymnastics in my response there. However, that decision has since been remanded, then re-affirmed, then challenged, and then LinkedIn obtained an injuction against HiQ which the two of them are still fighting over. So it could get properly overturned.
I definitely thought it seemed like it would be difficult to do this to offer a youtube frontend, but plausible enough that I didn’t look into it. Thank you for this. I’m looking more closely now :)
If they are using undocumented internal APIs, do YouTube’s API TOS apply to those? I checked the text of the TOS and it seems to me like it should apply; they say “The YouTube API services … made available by YouTube including …”. That seems broad enough to me to cover internal APIs as well, if their endpoints are accessible, but IANAL.
Also, the open response to the C&D seems to throw shade at the TOS saying “The “YouTube API Services” means (i) the YouTube API services” but ignores that this is immediately followed by parenthetical examples and qualifiers. The TOS is defining the term so that it doesn’t have to repeatedly add the qualifiers. Nothing weird about that. That’s uh… pretty bad-faith arguing, if I’m interpreting it correctly.
Edit: assuming you refer to the same reverse engineering points that they made above… yeah.