Back in 2019, the U.S. Ninth Circuit Court of Appeals had ruled that the Computer Fraud and Abuse Act, 1986 didn’t prohibit a company from scraping data that is publicly accessible on the internet. The ruling came in an action that HiQ labs initiated against LinkedIn. The petitioner, which uses public data to analyze employee attrition, was scraping personal information from public profiles of LinkedIn users. Now, the United States Supreme Court has remitted the case back to the Ninth Circuit Court of Appeals to decide, albeit with a fresh perspective, if data scraping off LinkedIn is legal or not.
HiQ would scrap the information from LinkedIn and then utilize it to develop algorithms that could assess employee sill sets and alert employers when they might be available for work. HiQ accused LinkedIn of anti-competitive behaviour and suggested that it issued threats around the same time as it launched a similar service. LinkedIn, in turn, accused HiQ of scraping data from the profiles of its users and claimed that HiQ violated the CFAA, which doesn’t allow access to a computer without authorization.
HiQ filed a lawsuit against LinkedIn, claiming that data available through public-facing parts of a website must remain public. It was able to obtain a preliminary injunction in 2017. The Ninth U.S. Circuit of Appeals overturned LinkedIn’s decision to restrict hiQ, noting that the statute does not apply in cases when the data is already publicly available.
LinkedIn appealed before the Supreme Court that HiQ’s bots can capture data on a scale that no human can. Some of the information had also been put up for sale.
But why remit back the case?
The US Supreme Court didn’t take up the case. In view of its recent decision in Van Buren v. the United States, wherein it decided that a person cannot violate the CFAA even if they access data in excess of their permissions, the Court remanded the case back to the United States Court of Appeals for the Ninth Circuit.
However, HiQ argues that any prohibition from accessing publicly available information from the internet could have profound impact on open access to the internet.
On the other side, data scraping has led to concerns around privacy. Clearview AI, declared illegal by Canada and Sweden, had scraped over 3 billion profile photos from social networks without any permission from users. Facebook recently used ‘data scraping’ as an excuse to dismiss a data breach which impacted more than 500 mn users around the world.
You can read the order here.