Comment by Kleo Petrov on "What do you think of NPM taking Kik away from the developer?"

What NPM did really provoked lots of developers. On their Privacy Policy page they state:

Acceptable Use - You will not submit any content that is illegal, offensive, or otherwise harmful. You will not submit any content in violation of law, infringing the intellectual property rights of others, violating the privacy or other rights of others, or in violation of any agreement with a third party.

and

You will not violate any applicable law.

This means that if Kik's lawyer did provide a prove that the name Kik is trademarked, NPM had the full right to remove the package.

This is pretty logical - the lawyer strikes high. Imagine NPM involved in a law case. This could lead to a lot of trouble and trust issues for the whole NodeJS ecosystem.

This rises another question - What will NPM's next move be? npm packages like google, yahoo, apple, trello, basecamp, etc. can be found on their registry.

What about express. There is a company named Express, founded in 1980, way back before JavaScript and NodeJS. What if they decide to take the act of removing expressjs, because of its name?

It may never (and probably won't) happen, but the possibility of this happening is somewhat concerning.

Update: @aniforprez clarified in his answer that NPM changed kik's ownership, where I though that npm removed the whole package (reference here). This still leaves the question of why NPM took such a drastic measure.

This is the problem with current trademark and copyright laws. They are too general and allow companies to do heavy handed things like this. Don't get me wrong, companies should be able to protect their trademarks and copyrights, but only where applicable. Like when T-Mobile tried to assert ownership over magenta, it often gets beyond a joke.

But it wasn't NPM who un-pulled the packages, it was Azer. But NPM un-un-pulled the package again to not break the internet. If Kik's lawyers check the registry today they'll still see that Azer still has not followed the request to pull off everything trademark related. NPM ignores the situation only to ensure some Travis builds do not fail. In less than 3 hours, the majority of the left-pad users found Lodash offers the same. But NPM decided to give a fuck for Azer and his trademark issue. Not sure if I like what NPM did.

@aniforprez - you are absolutely right. Azer's article clearly states that NPM changed the ownership, not the project itself. Don't know why I thought the vice versa. Nevertheless I'm still surprised by both Azer's and NPM decisions.

Search Hashnode