Everyone wants data, and everyone wants to protect the data that they have. Data after all is the new gold.
Businesses seek to protect their data by prohibiting others from data scraping (copying or collecting it). See LinkedIn Terms of Use, section 8.2k; Instagram, Terms of Use, Basic Terms 15, General Condition 10; Pinterest, Community Guidelines, Site Security and Access; Facebook, Terms, Safety section 2.
That prohibition however may have a hole.
HiQ is a data analytics business that scrapes publicly available information from LinkedIn user profiles. LinkedIn sent HiQ a cease and desist letter and tried to block HiQ from accessing LinkedIn's services. HiQ responded by suing LinkedIn in the Northern District of California and requesting a preliminary injunction to stop LinkedIn from blocking it from accessing LinkedIn's services.
On August 14, 2017, the court granted hiQ Labs’ motion for a preliminary injunction to prohibit LinkedIn from “preventing hiQ’s access, copying, or use of public profiles on LinkedIn’s website.” hiQ Labs, Inc. v. LinkedIn Corporation (N.D. Cal. No. 3:17-cv-03301-EMC) (a copy of the Order is available through Mega.com). To win its motion for a preliminary injunction, HiQ had to show that the balance of hardships were in its favor, its legal claims had merit, and the public interest was in its favor.
The court found that the balance of hardships weighed in favor of HiQ because HiQ would suffer irreparable harm (be forced to close) if it was denied access to LinkedIn's services. Meanwhile, LinkedIn only proffered user expectations and potential loss of user trust.
The court then evaluated LinkedIn's defense that HiQ's actions violated the U.S. Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030. The court examined this defense because if it was valid, it would preempt HiQ's state law claims. Whether the CFAA applies depends on whether "by continuing to access public LinkedIn profiles after LinkedIn ... explicitly revoked permission to do so, hiQ 'accesse[d] a computer without authorization' within the meaning of the CFAA." Order at 8. LinkedIn's broad reading of the CFAA troubled the court because it would criminalize the mere viewing of "a website in contravention of a unilateral directive from a private entity." Order at 11. After examining the law's historical context, the court has "serious doubt whether LinkedIn‟s revocation of permission to access the public portions of its site renders hiQ's access 'without authorization' within the meaning of the CFAA." Order at 15.
The court evaluated HiQ's California Unfair Competition Law claim, Cal. Bus. & Prof. Code § 17200 et seq. HiQ argued that LinkedIn blocked HiQ because it wanted to monetize its own data with a competing product. Order at 21. Based on the record, the court found that this claim had merit. HiQ had two other state claims but the court did not find that they had merit.
The court finally found that the public interest was in HiQ's favor.
[Update] A little bit ago, I received via a LinkedIn group, an email from a business offering to scrape data from a variety of California based organizations and businesses.
Image by Balasoiu on Freepik.