After six years of litigation, the U.S. District Court for the Northern District of California ruled that HiQ’s data scraping violated LinkedIn’s terms of service and violated the Computer Fraud and Abuse Act (CFAA).
The case stems from HiQ’s use of programs that scraped data from public profiles. The programs avoided detection by simulating human like behavior. Moreover, independent contractors, “Turkers”, were hired to create fake accounts that viewed and confirmed HiQ’s employees accounts. Both actions were a violation of LinkedIn’s terms of service, and essential in the Courts reasoning.
This ruling is a departure from Van Buren, where the Supreme Court ruled that improper or unauthorized purpose does not violate the CFAA, so long as the user had legitimate access. Earlier in the year, the Ninth Circuit sided with HiQ and rejected LinkedIn’s Claim that data scraping violated the CFAA. The court distinguished between illegal data scraping, which involves information that requires authorization; and the legal data scraping of public information, which is accessible without authorization.
HiQ’s case is very distinguishable – it involved unusual data scraping practices, such as, reverse engineering a websites technical defenses and hiring individuals to manually verify fake accounts. A fact of particular importance to the courts was that HiQ continued to data scrape after receiving a Cease-and-Desist letter. The letter notified HiQ that their actions were a violation of LinkedIns terms and services.
These unusual facts may warrant a departure from precedent or indicate future restrictions against data scraping.
"*" indicates required fields