Scraping public data is legal, the U.S. Ninth Circuit of Appeals has ruled in a potentially landmark decision.
The decision follows a ruling by a federal court of appeals that reaffirmed its earlier decision, notably that web scraping (data harvesting, en masse) of data that’s made available to the general public, does not violate the Computer Fraud and Abuse Act (CFAA).
The CFAA is used to determine what can be described as “hacking” under US law.
hiQ Labs vs LinkedIn – round two
hiQ Labs, Inc. v. LinkedIn Corp, 938 F.3d 985, was a United States Ninth Circuit case about web scraping. The 9th Circuit affirmed the district court’s preliminary injunction, preventing LinkedIn from denying the plaintiff, hiQ Labs, from accessing LinkedIn’s publicly available LinkedIn member profiles.
The ruling is the epilogue of a legal battle between LinkedIn and hiQ Labs, a talent management algorithm focused on people analytics and data science machine learning. The latter has been scraping LinkedIn user profiles, something the world’s largest social network for professionals described as against its terms of service, equal to hacking, and was in violation of the CFAA.
LinkedIn lost the first lawsuit in 2019, but even after the second knockdown, it doesn’t want to give up.
“We’re disappointed in the court’s decision. This is a preliminary ruling and the case is far from over,” said LinkedIn spokesperson Greg Snapper in a statement.
“We will continue to fight to protect our members’ ability to control the information they make available on LinkedIn. When your data is taken without permission and used in ways you haven’t agreed to, that’s not okay. On LinkedIn, our members trust us with their information, which is why we prohibit unauthorized scraping on our platform.”
Reporting on the news, TechCrunch gives it a positive spin, saying the ruling is “good news for archivists, academics, researchers, and journalists”.
“Without a ruling in place, long-running projects to archive websites no longer online and using publicly accessible data for academic and research studies have been left in legal limbo,” it says.
However, it also reminds that some companies’ use of web scraping, such as the one done by facial recognition startup Clearview AI, is borderline illegal. This company scrapped “billions of social media profile photos,” over the years.
The petition for a writ of certiorari is granted. The judgment is vacated, and the case is remanded to the United States Court of Appeals for the 9th Circuit for further consideration in light of Van Buren v. United States, on June 14, 2020.
|Docket No.||Op. Below||Argument||Opinion||Vote||Author||Term|
|19-1116||9th Cir.||N/A||N/A||N/A||N/A||OT 2020|
Issue: Whether a company that deploys anonymous computer “bots” to circumvent technical barriers and harvest millions of individuals’ personal data from computer servers that host public-facing websites—even after the computer servers’ owner has expressly denied permission to access the data—“intentionally accesses a computer without authorization” in violation of the Computer Fraud and Abuse Act.