HiQ uses an automated application to look at publicly available data on social media and provide analytics to its customers. This is called “data scraping”. Businesses use the data for all sorts of things designed to increase revenue.
HiQ scraped data from LinkedIn. LinkedIn’s Terms of Sale (TOS) prohibits use of automated scraping tools like the ones used by HiQ. LinkedIn will block any IP addresses that engage in scraping. Technically, most of the data on LinkedIn isn’t really LinkedIn’s data. Users post their own data and make it available to anyone who visits LinkedIn. So, HiQ determined that it could scrape publically available LinkedIn data.
LinkedIn sent a cease and desist letter to HiQ based on HiQ’s violation of LinkedIn’s TOS and the Computer Fraud and Abuse Act (CFAA). The CFAA was enacted in the early history of the Internet to stop hacking. The key to the CFAA is the unauthorized use of permission to access a website. LinkedIn thought CFAA and its interpreting case law gave it a strong case.
HiQ filed a declaratory judgment action seeing a ruling that its data scraping practices were ok. The district court granted LinkedIn’s motion for preliminary injunction. HiQ appealed. The Ninth Circuit Court of Appeals affirmed the preliminary injunction and remanded the case back to the district court for a final adjudication.
While HiQ may have lost this battle, the Ninth Circuit’s opinion seems to open the door to HiQ ultimately winning the war. The Ninth Circuit felt that HiQ raised some serious questions about the reference to access “without authorization” under the CFAA. The CFAA “contemplates the existence of three kinds of computer information: (1) information for which access is open to the general public and permission is not required, (2) information for which authorization is required and has been given, and (3) information for which authorization is required but has not been given (or, in the case of the prohibition on exceeding authorized access, has not been given for the part of the system accessed).” The Ninth Circuit believed that HiQ has an argument that public LinkedIn profiles, available to anyone with an Internet connection, fall into the first category. Therefore, using that public information would not violate the CFAA.
WHY YOU SHOULD KNOW THIS. The Ninth Circuit appears to be ok with data scraping in the context of freedom of competition and information. What might save HiQ is the fact that it is only scraping public data. There’s an open question as to whether HiQ is still violating LinkedIn’s TOS. So both HiQ and LinkedIn have some battles to fight before the war ends.