Follow Slashdot stories on Twitter
Web Scraping Doesn’t Violate Anti-Hacking Law, Appeal Court Rules (arstechnica.com) 11
This posed an existential threat to hiQ because the LinkedIn website is hiQ’s main source of data about clients’ employees. So hiQ sued LinkedIn, seeking not only a declaration that its scraping activities were not hacking but also an order banning LinkedIn from interfering. A trial court sided with hiQ in 2017. On Monday, the 9th Circuit Appeals Court agreed with the lower court, holding that the Computer Fraud and Abuse Act simply doesn’t apply to information that’s available to the general public. […] By contrast, hiQ is only scraping information from public LinkedIn profiles. By definition, any member of the public has authorization to access this information. LinkedIn argued that it could selectively revoke that authorization using a cease-and-desist letter. But the 9th Circuit found this unpersuasive. Ignoring a cease-and-desist letter isn’t analogous to hacking into a private computer system. “The CFAA was enacted to prevent intentional intrusion onto someone else’s computer — specifically computer hacking,” a three-judge panel wrote. The court notes that members debating the law repeatedly drew analogies to physical crimes like breaking and entering. In the 9th Circuit’s view, this implies that the CFAA only applies to information or computer systems that were private to start with — something website owners typically signal with a password requirement.
The court notes that when the CFAA was first enacted in the 1980s, it only applied to certain categories of computers that had military, financial, or other sensitive data. “None of the computers to which the CFAA initially applied were accessible to the general public,” the court writes. “Affirmative authorization of some kind was presumptively required.”
How is it proprietary if you make it public? (Score:4, Insightful)
by SuperKendall ( 25149 ) on Monday September 09, 2019 @06:17PM (#59175654)I am really glad to see this ruling, way too many companies want to publicly put data on websites that anyone can access, but then act like its confidental.
If you are going to put data up for all to see anyone should be allowed to examine and make use of that in other contexts.
I am really glad to see this ruling, way too many companies want to publicly put data on websites that anyone can access, but then act like its confidental.
If you are going to put data up for all to see anyone should be allowed to examine and make use of that in other contexts.
Or companies/people that send you a physical letter (or email) with a confidentiality and/or copyright notice tacked on. Um… hate to tell them, it’s *my* property now and I’ll do what I want with it. (Unless, for pedantic readers, I’ve already entered into some sort of NDA with the sender.)
not at all what the opinion is about (Score:5, Informative)
by supernova87a ( 532540 ) <kepler1@hotmMENCKENail.com minus author> on Monday September 09, 2019 @06:24PM (#59175672)That is *not* what this court ruled. It would be nice to get someone with kindergarten legal understanding to check these stories first. What this court ruled on was that the arguments being made by LinkedIn weren’t persuasive enough to let them continue blocking HiQ or prevent this case from going to trial.But this case is so ridiculous on multiple fronts that although this procedural ruling (injunction) seems technically correct (to allow the case to proceed to actual court), it could just as well have been thrown out with no difference in or ultimate harm to the parties.
First, LinkedIn makes the claim that its users have a right to privacy against scraping by such a 3rd party. That’s laughable. As the court saw, their whole business model is made on people sharing their profiles broadly and mostly to the public.
Secondly, HiQ claims that LinkedIn’s efforts to stop it from using the data are tortious interference. That’s bold — suppose someone is taking your assets (you believe illegally) and selling them to others — can you imagine the gall that the person taking your assets can sue you for interfering with their subsequent sale of your assets?
Finally, that LinkedIn resorted to using the computer fraud and anti-terrorism statutes to make their argument is ridiculous.
So much craziness to go around. I would’ve just tossed the case, but I guess there is the whole bit about due process… Maybe HiQ will fail anyway at the next substantive trial, but what a waste of time.
Re:not at all what the opinion is about (Score:4, Insightful)
by Retired ICS ( 6159680 ) on Monday September 09, 2019 @06:42PM (#59175714)“Secondly, HiQ claims that LinkedIn’s efforts to stop it from using the data are tortious interference. That’s bold — suppose someone is taking your assets (you believe illegally) and selling them to others — can you imagine the gall that the person taking your assets can sue you for interfering with their subsequent sale of your assets? “
This is bullshit.
A more correct analogy would be that someone is BUYING something you are offering for sale at the price you are offering to sell them for, but then RESELLING them at a higher price by bundling them with something else which adds value. In such a case, refusing to continue to do business with the party of the first part (the one buying what you are offering for sale under the conditions on which you are making the offer) is, in fact, tortuous interference.
In this particular case, LinkedIn is “selling” their assets for free, and the bundled value added product is the additional analysis provided by HiQ.
More interesting, does not the threat to commence proceedings under the CFAA by LinkedIn if HiQ does not cease and desist their activity constitute the crime of extortion? If not, then why not? It certainly would qualify as extortion here in Canada.
In this particular case, LinkedIn is “selling” their assets for free
Surely the quick way to solve this would be simply for LinkedIn to put some terms on the free access to the data. This way it would be free for personal use and not free for large scrapping companies to come along and resell. This had better be legal otherwise various Creative Common licences, particularly those with ‘NC’, are in serious trouble.
Bullshit. HiQ didn’t hack anyone and that’s nonsense, but if Linkedin can technically stop them from doing that they want to do then good – fuck HiQ they don’t have any kind of contract that forces LinkedIn to provide data in a way that is digestible by them in any particular format.
Just like “fair use” isn’t a right. Say some music provider discovered magic (work with me here) that literally made it impossible for you do anything but listen to their music on special headphones. You are unable to make a 10
I don’t think your analogy is apt, so here is another way to think of it – just because a store is open to the public doesn’t mean someone can show up with a crew and film a movie in it. The store can tell you to leave, and that if you come back it would be considered trespassing.
While I don’t think that scraping should generally be considered under fraud & abuse, don’t you feel that when someone has been told not to access a service any longer and is circumventing safeguards to prevent access that a li
“I don’t think your analogy is apt, so here is another way to think of it – just because a store is open to the public doesn’t mean someone can show up with a crew and film a movie in it. The store can tell you to leave, and that if you come back it would be considered trespassing.”
I cannot tell if you are dense or just being obtuse. Just because a store is open and offers to sell things to the general public does not mean that it is offering to be a place where movies can be filmed. If however it IS offe
I cannot tell if you are dense or just being obtuse. Just because a store is open and offers to sell things to the general public does not mean that it is offering to be a place where movies can be filmed. If however it IS offering to be a place where any member of the public may enter and film a movie, then it cannot exclude you from doing so.
Right, so why can’t LinkedIn tell this company to stop scraping its service. LinkedIn is not making the information accessible so any asshole can scrape the site, the intent is that human beings can view it.
- by Falos ( 2905315 )
>>that LinkedIn resorted to using the computer fraud and anti-terrorism statutes to make their argument is ridiculous
The CFAA gets resorted to nonstop, it’s glorious in a sort of “you can use duct tape to solve ANYTHING” kind of way.
Except it’s weaponized by those with the trappings of legitimacy; so, less glorious about fixing sheds and shoes, more glorious in a ghastly and dystopic kind of way.
First, LinkedIn makes the claim that its users have a right to privacy against scraping by such a 3rd party. That’s laughable.
Agreed, that’s just absurd. I use LinkedIn to store my public resume. I do this with the full understanding and expectation that anyone can freely access this data. There is ZERO expectation of privacy there, at least on my part – quite the opposite, in fact. It’s better for me if as many people as possible have easy access to my professional information.
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
Related Links Top of the: day, week, month.
- 1044 commentsGovernment Shutdown: TLS Certificates Not Renewed, Many Websites Are Down
- 1022 comments‘Universal Basic Income Doesn’t Work’
- 654 commentsNational Parks Face Years of Damage From Government Shutdown
- 651 commentsAre Universal Basic Incomes ‘A Tool For Our Further Enslavement’?
- 563 commentsCalifornia Gives Final OK To Require Solar Panels On New Houses
Slashdot Top Deals
- Get more comments
- 11 of 11 loaded
“In the face of entropy and nothingness, you kind of have to pretend it’s not there if you want to keep writing good code.” — Karl Lehenbauer
