An Israeli company called Flash Network is fighting dirty against people who called it out for sneaky javascript injections. It’s a prime example how companies use copyright laws to threaten and intimidate anyone who criticizes them.

When an Indian blogger named Thejesh GN noticed some suspicious javascript injected into the browsing sessions of popular telecom company Airtel’s subscribers, he did what bloggers do: He posted about it on the internet, uploading proof to Github.

Advertisement

Javascript injections are often malicious when they’re done without notifying people, so this was a completely legitimate thing to call out. But even though he was just pointing out something worrisome and not trying to use the code commercially, Thejesh soon received a cease-and-desist letter in an email from a legal team, who copied Indian police to show they meant business, according to TechDirt.

It claims to be representing an Israeli company, Flash Network, which is apparently responsible for the code injection software...It claims that by merely revealing to the public that Airtel was doing these injections, he had engaged in criminal copyright infringement under the Information Technology Act, 2000.

Advertisement

The legal team interpreted India’s Information Technology Act to suggest that showing a company’s code under any circumstances is a violation of intellectual property. As TechDirt pointed out, this interpretation means that anyone who pulls up code and shows it to someone else is in violation of the law.

But that’s not all: Flash went international on its intimidation conquest, using a US Digital Millennium Copyright Act takedown notice to coerce GitHub into taking down the code.

Even though Thejesh and Github were threatened with lawsuits, the debacle did end up raising concerns about what exactly Airtel was secretly sneaking into users’ browser sessions. The company admitted that it was using the javascript to track user data, but denied any involvement with the takedown notices.

Advertisement

Airtel is already loathed by Indian net neutrality supporters for its attempts to give certain companies preferential treatment, and now Indian privacy activists are pissed. Hopefully this’ll backfire and draw attention to the ways companies use scare tactics to threaten whistleblowers and researchers.

Advertisement

[TechDirt | The Wire]


Contact the author at kate.knibbs@gizmodo.com.
Public PGP key

Image: Indian net neutrality protests from AP Photo/Aijaz Rahi

Advertisement