What just happened? A US appeals court has reaffirmed an earlier ruling that states companies or individuals who scrape publicly accessible data from the web aren’t breaking the law. The result contradicts Microsoft-owned LinkedIn’s claim that web scraping is illegal and a threat to user privacy.
The US Ninth Circuit of Appeals ruling is the latest chapter in a long-running battle between workforce analytics startup HiQ Labs and LinkedIn. The employment-focused social network sent HiQ Labs a cease and desist letter in 2017 demanding that it stop scraping its members’ public profile data; something it did approximately every two weeks as part of a service offered to businesses looking to “determine skills gaps or turnover risks months ahead of time.”
LinkedIn claimed the web scraping violated the 1986 Federal Computer Fraud and Abuse Act (CFAA). It implemented “technical measures” to stop HiQ Labs from accessing its site, which led to the firm launching a lawsuit against LinkedIn.
A judge found in favor of HiQ Labs in 2017 and granted a preliminary injunction against LinkedIn that prevented it from restricting the former’s access to public profiles. LinkedIn appealed, but the Ninth Circuit was also on HiQ Labs’ side in 2019, finding that CFAA does not bar anyone from scraping publicly accessible data.
Undeterred, LinkedIn appealed to the US Supreme Court, which in June narrowed the CFAA’s definitions of accessing a computer system “without authorization” and when doing so “exceeds authorized access.” It ruled that the latter does not cover breaking terms of services alone, but the Supreme Court also sent the case back to the ninth court for reconsideration.
Now, the ninth court has ruled that “the concept of ‘without authorization’ does not apply to public websites,” thereby preventing LinkedIn from blocking HiQ Labs’ web scraping.
Despite the setback, LinkedIn isn’t giving up. “We’re disappointed in the court’s decision. This is a preliminary ruling and the case is far from over,” said LinkedIn spokesperson Greg Snapper in a statement. “We will continue to fight to protect our members’ ability to control the information they make available on LinkedIn. When your data is taken without permission and used in ways you haven’t agreed to, that’s not okay. On LinkedIn, our members trust us with their information, which is why we prohibit unauthorized scraping on our platform.”
Masthead credit: Ink Drop