Hacker News new | past | comments | ask | show | jobs | submit login
HTTP 451 Unavailable for Legal Reasons (wikipedia.org)
72 points by guessmyname on Oct 25, 2019 | hide | past | favorite | 18 comments

There was a whole campaign to make this happen a few years ago. Here's a link to the campaign and the HN comments. https://news.ycombinator.com/item?id=6217103

Of course it only works if the legal reasons don't prevent you from providing a response that acknowledges the existence of 'legal reasons' (even if it doesn't explain them) - canarys attempt to solve this, but even a '451 is used in response everywhere appropriate' canary is only an existence proof when removed, it being available doesn't show anything.

Who said the content won't be sent back with the response. It can work just like a 200 OK, except supporting clients will show a warning to users.

"451 OK,content available in compliance of a legal request" (maybe 2XX?)

Excellent Bradbury reference.

Has anyone seen this code used in the wild? What are some examples?

very rarely, 2-3 times maybe but just today I encountered it: https://blog.seattlepi.com/microsoft/files/library/2003Janga... is unavailable from my location at least. ( got there from the tweet linked related to this thread: https://news.ycombinator.com/item?id=21357841 )

It's been widely used in Russian segment of livejournal.com for a few years already(

I have seen this from some US sites in response to EU customers cos they couldn't be bothered making a GDPR compliant version of their site.

We use this in our API when a third party backing service makes data about a user unavailable for privacy reasons (usually relating to GDPR.)

It should be recognized though that this interpretation of the book burning in Fahrenheit 451 is perhaps a misinterpretation of the intended meaning in the book.

In this case the imperial unit fitted well.

GDPR law is illegal. You cannot force a company to follow your laws if it doesn't have a subsidiary in that country (unless there is a special agreement between two countries). So I don't care if my SaaS is compliant with GDPR. Good luck trying to sue me outside of EU...

I do not understand what you are writing.

GDPR applies to EU companies only. It is legal in these countries. Not sure what "illegal" means in your comment. Illegal where?

GDPR also states that a non-EU company has to follow GDPR if it offers content accessed from the EU and has presence in the EU (where the fine will be applied). This is normal practice because local law cannot apply cross countries. It is also unfortunate because stronger countries bully weaker ones that way.

No. Just because someone from north korea visited my website doesn't mean I have to comply with north korean laws. Otherwise you need to comply with laws from 200+ countries and need an army of lawyers+developers. Exactly the same with EU countries.

Right. But if North Korea states that a company that is affiliated to you and present in their country will be fined if you do not comply then you have two choices : comply and avoid the fine and not comply and pay the fine (in NK).

The US did that recently. They do not like Iran and decided that US companies will not make business with Iran.

But that was not enough. Any company or country which does will also be punished. Either through their companies on US ground, or through taxes, or through US Dollar trading restrictions.

This is why I said that strong countries can bully smaller ones that way. If this was NK who started that nobody would care. But everyone listens to the US threats (or China, or to some extend Russia or the EU)

I am almost offended when I get “451 Unavailable for Legal Reasons” when visiting some US news publication from Europe. GDPR making it less legal to sell my data to advertisers is not what Bradbury was writing about.

How does it fundamentally differ from blasphemy laws?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact