Scraping Websites is Legal 04-24-2022, 05:23 AM
#1
The U.S. Supreme Court ruled that scraping websites is legal, as long as no authorization is required.
Read More: https://www.eff.org/deeplinks/2022/04/sc...s-declares
Quote:The long-running dispute in hiQ concerns LinkedIn’s attempts to stop hiQ from scraping public information from LinkedIn user profiles as part of hiQ’s data analytics services. LinkedIn tried to block hiQ’s access and threatened to sue for violation of the CFAA, on the theory that hiQ’s access violated the website’s terms of service and LinkedIn’s explicit wishes. But hiQ sued first and obtained a preliminary injunction to preserve its access.
The key question for the Ninth Circuit on appeal was whether access to a public website can ever be “without authorization” under the CFAA. According to an earlier Ninth Circuit precedent, Facebook v. Power, merely violating a website’s terms of service is not enough to be a violation of the CFAA, but individualized notice in the form of a cease-and-desist letter can revoke a user’s prior authorization. However, the court noted that the phrase “access without authorization” implies that there is a baseline requirement of authorization, and public websites like the LinkedIn profiles at issue do not require any permission to begin with. As a result, the court held that access to public information online likely cannot be a violation of the CFAA. (Because it was considering an appeal from a preliminary injunction, the holding was discussed in terms of the “likely” outcome of a final ruling.)
Then, in Van Buren, the Supreme Court answered a different question interpreting a different term in the CFAA, holding that an police officer did not “exceed authorized access” by using a law enforcement database for an unofficial purpose that violated the department’s written rules and procedures. The Court held that the CFAA does not encompass “violations of circumstance-based access restrictions on employers’ computers.” Rather, it adopted what it called a “gates-up-or-down approach,” writing that violations of the “exceeds authorized access” provision are limited to someone who “accesses a computer with authorization but then obtains information located in particular areas of the computer—such as files, folders, or databases—that are off limits to him.”
Although there was nothing in that opinion that obviously called the Ninth Circuit’s hiQ ruling into question, the Supreme Court nevertheless sent hiQ back to the court of appeals for reconsideration in light of Van Buren.
Unsurprisingly then, the Ninth Circuit found that Van Buren merely reinforced its earlier conclusion: no authorization is required to access a public website, so scraping that website likely cannot be access without authorization, no matter what the website owner thinks about it. The court explained that the Supreme Court’s “gates up-or-down inquiry” applies when a website requires authorization such as a username and password, writing that “if authorization is required and has been given, the gates are up; if authorization is required and has not been given, the gates are down.” But “applying the ‘gates’ analogy to a computer hosting publicly available webpages, that computer has erected no gates to lift or lower in the first place.”
Read More: https://www.eff.org/deeplinks/2022/04/sc...s-declares
![[Image: fSEZXPs.png]](https://i.imgur.com/fSEZXPs.png)
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)