Just to clarify: This letter was about GrayJay, a 3rd party YouTube front-end that -as I understand it- gets its YT content by parsing the YouTube website. This way they can access YouTube content without using their official (or any, really) API. Parsing the site is more complicated and a lot of work to maintain but good for privacy and no restrictions from API terms of use.
Google pretends not to know or understand this by asking the GrayJay devs to honor the terms of an API they actively avoid using.
GrayJay is being developed by a team at FUTO (dot org) that Louis Rossmann is affiliated with. His personal 'Louis Rossmann' YouTube channel is seperate from FUTO and GrayJay, and isn't part of this issue, nor is his personal channel mentioned in the letter.
I hope I remember correctly, I listened to his video while falling asleep ^^
If you don't need an account or an api key to access it, then there's no contract signed, and so they can't restrict your usage contractually. An API with no requirement for an API key is functionally identical here. On the other hand, scraping a website that only exposes content to logged in users is the same as using an api behind a key. The relevant part is whether you need to sign a contract to access the content.
I think that ship sailed when websites started having to ask users consent for cookies. Now it's no longer "accessing a website" it's "interacting with a service." If they have to ask for consent to set a cookie, you have to abide by their ToS to connect to their servers.
I highly doubt that is legally the case. In situations when I have been in conversations with lawyers about this sort of thing they have been universally of the opinion that to be bound to some terms of service the user has to take an affirmative action to accept those terms. The action can’t just be expressing your cookie preference, and in fact in some jurisdictions (Europe, California? I think) the cookie regulations that gave rise to those annoying consent dialogs specifically say you can’t give a user a different quality of service if they refuse the cookies, so that would seem to undermine your argument somewhat.
DDoS is arbitrary with any definition. What’s the difference between a weak server that can’t handle an influx of load vs an “attack”? The result is the same. It all depends on intent and coordination, which is better defined by lawyers than engineers.
To some extent, you have to expect that anything with an open port 80 on the public internet is accessed by strangers. First because it’s the technical reality, but it’s also part of the principles of the web in some deeper philosophical sense.
Piped is indeed 'related' to NewPipe: Both NewPipe and Piped use "NewPipe Extractor" to extract Video information (AFAIK including stream data) from streaming sites like YouTube.
I believe the main difference is that NewPipe is an Android App frontend and Piped is a web frontend with the Extractor library as a core dependency.
Which makes the NewPipe Extractor library a great starting point for building more, different frontend applications.
Disclaimer: I'm no expert and this is an oversimplified explanation.
reply