Insights

  • Home
  • Insights
  • Scraping the Web: Practical Implications From the hiQ v. LinkedIn Opinion

Share

Ninth_Circuit_Rules_Scraping_Alert_SOCIAL

Scraping the Web: Practical Implications From the hiQ v. LinkedIn Opinion

The ability of companies to prevent scraping of their publicly available information may now be limited.

September 2019 Alert

In a highly anticipated decision, the Ninth Circuit ruled on September 9, 2019, that scraping data from the public portions of a website likely does not violate the Computer Fraud and Abuse Act ("CFAA"), even if the computer owner attempts to revoke access through a cease-and-desist letter or Terms of Use. The decision, hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. Sept. 9, 2019), may limit the ability for companies to invoke the CFAA to block scraping of their publicly available information.

In hiQ, LinkedIn argued that hiQ's use of automated tools to access and copy publicly posted data after receiving a cease-and-desist letter violates the CFAA's prohibition on intentional access of a computer "without authorization." However, the court held that the CFAA's "without authorization" provision applies to the circumvention of "permissions, such as username and password requirements" that "demarcate[]" certain data as private. The court thus found that hiQ's practices likely do not constitute an unauthorized access where LinkedIn does not prevent public access to the data at issue.

The impact of the hiQ decision could be significant. It potentially limits the ability of companies to rely on the CFAA to prevent scraping of publicly available data even if they send a cease-and-desist letter or try to restrict access through Terms of Use. However, the opinion identifies several possible alternative avenues for vindicating data-scraping claims, including trespass to chattels, copyright infringement, misappropriation, unjust enrichment, conversion, and breaches of contract or privacy. 

It is important to note that the Ninth Circuit issued its opinion in a procedural posture that required it to decide only whether hiQ raised "serious questions" that its scraping complies with the CFAA. While the court did not issue a definitive ruling, the opinion suggests how the Ninth Circuit likely will ultimately interpret the CFAA in this context.

Insights by Jones Day should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request permission to reprint or reuse any of our Insights, please use our “Contact Us” form, which can be found on our website at www.jonesday.com. This Insight is not intended to create, and neither publication nor receipt of it constitutes, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.
You May Also Be Interested In

April 2024 White Paper

2023 False Claims Act Enforcement in Health Care and Life Sciences, Part II

April 2024 Alert

CISA Releases Proposed Cyber Incident and Ransom Payment Reporting Rules to Implement CIRCIA

APRIL 2024 Alert

New State Health Privacy Laws—Moving Beyond HIPAA and Recasting Consumer Health Data Rights?

March 2024 Alert

China Finalizes Provisions on Cross-Border Data Transfer

Before sending, please note:

Information on www.jonesday.com is for general use and is not legal advice. The mailing of this email is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.