Yes, you can scrape the web. So says a new ruling by the U.S. Ninth Circuit Court of Appeals. Scraping, or pulling publicly accessible data from a website, is at the center of a case between LinkedIn and a competitor hiQ Labs. LinkedIn sued hiQ for scraping individuals' personal data from its site, and the case went all the way to the US Supreme Court. However, the high court sent it back down to the Ninth Circuit Court to re-review the case. Last week, the appeals court reaffirmed its original ruling that scraping publicly accessible information from a website is not in violation of the Computer Fraud and Abuse Act (CFAA). 

• According to TechCrunch, the Ninth Circuit Court's second pass at the LinkedIn case referenced a 2021 SCOTUS ruling that also centered around the CFAA: “Using a "gate-up, gate-down" analogy, the Supreme Court said that when a computer or website’s gates are up — and therefore information is publicly accessible — no authorization is required.”

• “We’re disappointed in the court’s decision. This is a preliminary ruling and the case is far from over,” a spokesperson for LinkedIn said in a statement on the second ruling. “We will continue to fight to protect our members’ ability to control the information they make available on LinkedIn.” 

The Computer Fraud And Abuse Act

The CFAA was passed in 1986 when personal computing was still nascent and the worldwide web was still years away from creation. The law has been maligned for years as outdated and poorly worded, with Reason.com pointing to the central flaw: “Does access to a computer become unauthorized and therefore criminal when a person uses a computer in violation of a written restriction like a Term of Service of use policy?  Or is access unauthorized only when a person bypasses some sort of code-based restriction or authentication gate, such as by guessing another user's password or exploiting a security flaw?” With hiQ Labs, Inc. v. LinkedIn Corp., a definition is beginning to take shape.

The Verdict

As Reason.com noted, the issue of what’s allowed under the Terms of Service agreement still seems pretty open. It’ll be interesting to see how CFAA precedent begins to solidify over the coming years.