LAW GEMS

.

Unlocking legal insights from national and international Courts.

Choose a category:

The case study is based on open-source information, it may contain historical or legal inaccuracies, and it does not reflect the opinion of the author.

Cloud-Based Web Scraping: LinkedIn Dispute on Workforce Analytics

Introduction

The case of hiQ Labs, Inc. v. LinkedIn Corp. revolves around data scraping and digital rights, specifically whether a company can legally collect publicly available data from another platform without violating the Computer Fraud and Abuse Act (CFAA). The U.S. Court of Appeals for the Ninth Circuit’s decision has major implications for data privacy, online competition, and access to publicly available information.

Background

hiQ Labs, a data analytics firm, collected publicly available profile data from LinkedIn to offer predictive analytics services. LinkedIn, a professional networking platform owned by Microsoft, sought to block hiQ’s access, claiming that its data scraping violated LinkedIn’s Terms of Service and the CFAA. In response, hiQ filed a lawsuit seeking an injunction to prevent LinkedIn from restricting its access.

Legal Issues

The court examined several key legal questions:

  1. Preliminary Injunction Standard
    • Whether hiQ could establish a likelihood of success on the merits, irreparable harm, and that the balance of equities and public interest favored an injunction.
  2. Computer Fraud and Abuse Act (CFAA) Interpretation
    • Whether accessing publicly available data on LinkedIn’s platform after receiving a cease-and-desist letter constituted “unauthorized access” under the CFAA.
  3. Tortious Interference with Contract
    • Whether LinkedIn’s actions disrupted hiQ’s business contracts with clients and prevented hiQ from continuing its operations.

Application of Legal Principles

The Ninth Circuit applied well-established legal principles, particularly those governing injunctive relief, statutory interpretation of the CFAA, and business torts. The court’s reasoning involved:

1. Preliminary Injunction, Public Interest, and Balancing of Equities

  • A plaintiff seeking an injunction must demonstrate irreparable harm, a likelihood of success on the merits, that the balance of hardships favors the plaintiff, and that the injunction is in the public interest.
  • The court found that hiQ faced irreparable harm because LinkedIn’s blocking efforts would likely put it out of business.
  • The court determined that the public interest favored hiQ because allowing platforms like LinkedIn to bar competitors from scraping public data could create anti-competitive barriers.
  • At the same time, the court acknowledged LinkedIn’s argument that protecting user privacy is in the public interest. However, it reasoned that LinkedIn users who made their profiles public had no reasonable expectation of privacy regarding that information.
  • The ruling struck a balance between competition and privacy concerns, ensuring that companies could not monopolize public data while still recognizing user privacy rights in non-public settings.

2. CFAA and “Without Authorization” Concept

  • The CFAA prohibits unauthorized access to protected computers.
  • LinkedIn argued that hiQ’s continued scraping after receiving a cease-and-desist letter violated the CFAA.
  • The court applied the statutory interpretation principle that ambiguous criminal statutes should be read narrowly to avoid overcriminalization.
  • The court ruled that publicly available data does not require authorization to access, meaning that LinkedIn could not invoke the CFAA to block hiQ.
  • The court emphasized that mere violation of a website’s Terms of Service does not equate to criminal hacking under the CFAA.

3. Tortious Interference with Contract

  • hiQ argued that LinkedIn’s blocking efforts prevented it from fulfilling existing contracts with clients.
  • The court evaluated whether LinkedIn’s conduct was unjustified and had caused direct economic harm to hiQ.
  • The court found that hiQ raised serious legal questions about whether LinkedIn’s actions unlawfully interfered with its business relationships.

Court’s Decision

The Ninth Circuit ruled in favor of hiQ, affirming the preliminary injunction and rejecting LinkedIn’s CFAA defense. The decision reinforced that publicly accessible websites cannot use the CFAA to criminalize web scraping while balancing the public interest in competition and privacy.

Implications of the Judgment

  • Data Scraping Legality: This ruling supports businesses that scrape publicly available data, clarifying that it does not necessarily violate the CFAA.
  • Online Competition: The decision prevents large platforms from monopolizing public user data under the guise of cybersecurity.
  • User Privacy Concerns: While LinkedIn cited privacy concerns, the court found that users who choose to make their profiles public do not have an expectation of privacy.
  • Balancing Public Interest: The ruling ensures that competition is not unfairly restricted while preserving the importance of privacy in non-public settings.

Conclusion

The hiQ v. LinkedIn case is a landmark decision in data scraping and digital rights law. By applying principles of injunctive relief, statutory interpretation, and business tort analysis, the court determined that publicly available data is not protected under the CFAA. The ruling also demonstrated a careful balance between competition, privacy, and public access to information. This decision sets a precedent for future disputes over web scraping and access to online information, shaping the landscape for businesses, legal professionals, and digital rights advocates navigating the intersection of data privacy, competition, and cybersecurity law.

Case: HiQ Labs, Inc. v. LinkedIn Corp., 31 F.4th 1180 (9th Cir. 2022) (17-16783.pdf)

Leave a comment