LinkedIn can’t block public profile data scraping, court rules
The court’s decision, which affirmed that of a lower court, has been closely anticipated for what some legal scholars consider to be the case’s important constitutional and economic issues, as well as what critics believe could be a chilling effect on digital competition.
Constitutional scholar and Harvard law professor Laurence Tribe, for one, has weighed in on this issue to offer advice to the data-scraping startup in question, hiQ Labs.
At issue, Tribe has said, was that social media is the modern equivalent of the public square. He’s called LinkedIn’s attempts to stop hiQ from using its users’ publicly available data “a serious challenge to free expression in the modern world.”
Freedom of speech is not just about flag-burning. It’s about how you use information in the digital economy. Data is the new form of capital in creating products and services.
The decision was applauded for providing clarity around the scope of the nation’s major hacking law, the Computer Fraud and Abuse Act (CFAA). The Electronic Frontier Foundation (EFF), for one, said that it should come as a relief to researchers, journalists, and companies…
who have had reason to fear cease and desist letters threatening liability simply for accessing publicly available information in a way that publishers object to.
Back in 2016, hiQ, a San Francisco startup, was marketing two products, both of which depend on whatever data LinkedIn’s 500 million members have made public: Keeper, which identifies employees who might be ripe for being recruited away, and Skills Mapper, which summarizes an employee’s skills.
hiQ wasn’t hacking anything away. It was just grabbing the kind of stuff you or I could get on LinkedIn without having to log in. All you need is a browser and a search engine to find the data hiQ sucks up, digests, analyzes and sells to companies who want a heads-up when their pivotal employees might have one foot out the door or that are trying to figure out how their workforce needs to be bolstered or trained.
In 2016, LinkedIn decided to offer a similar service, at which point it sent hiQ and others in the sector cease and desist letters and started blocking the bots that were reading its pages.
LinkedIn’s case has two main arguments:
- hiQ is scraping data that belongs to LinkedIn and threatens its members’ privacy; and
- It does this with bot-scraping programs that have negative effects.
LinkedIn alleged that hiQ was violating the CFAA, as well as the Digital Millennium Copyright Act (DMCA). It also alleged that hiQ was conducting unfair business practices under California state law. In the letter to hiQ, LinkedIn noted that it had used technology to block the startup from accessing its data.
On Monday, a three-judge panel nixed LinkedIn’s claims about the alleged CFAA violation and told LinkedIn to stop blocking the scraping. The judges wrote that data scraping of publicly available information does not constitute a violation of the CFAA.