The Ninth Circuit Court of Appeals has reaffirmed that scraping publicly available data from the Internet will remain legal, the court announced in a ruling on Monday.

The decision is the next step in a multi-year legal battle between hiQ Labs and LinkedIn over hiQ’s scraping activities — which target public LinkedIn profiles to create human capital datasets and predictive workforce analytics — and is being hailed as a victory for web-scraping activists and data providers.

"This decision is clearly a win for anyone reliant on using or selling web-scraped data," said Daryl Smith, head of research at Neudata. "Perhaps it means we'll start to see some sites (like LinkedIn and Glassdoor) putting more content behind logins and paywalls to make life harder for scrapers like hiQ, but it's too early to tell at this point."

The Ninth Circuit Court originally ruled on the case in 2019 and affirmed the legality of web-scraping practices. LinkedIn then appealed the case to the US Supreme Court in 2020. After reviewing the case last year, the Supreme Court declined to hear it and instead vacated the appeals court’s 2019 decision and asked the Ninth Circuit to re-review the case.

In order to make its new decision, the Ninth Circuit relied on a Supreme Court ruling from last year — Van Buren v. United States — which narrowed the definition of the Computer Fraud and Abuse Act. The CFAA is a law from 1986 that concerns unauthorised access to computer systems.

In Van Buren, the Supreme Court introduced the idea of a ‘gate-up, gate-down’ test, which says that when a website’s gates are up (meaning its information is available to the public), users are not legally required to gain authorisation to access that information.

In the Ninth Circuit’s new decision on hiQ, it referenced Van Buren, saying the “the concept of ‘without authorization’ does not apply to public websites.”

LinkedIn and hiQ have been locked in legal battles since 2017, when LinkedIn told the data provider to stop scraping data from users’ publicly available LinkedIn profiles, saying the practice violated the CFAA. hiQ sued LinkedIn, claiming the company was acting anti-competitively. LinkedIn lost the case after a district court granted hiQ a preliminary injunction, saying hiQ’s business would suffer irreparable harm if it couldn’t access publicly available data.

LinkedIn then appealed that ruling to the Ninth Circuit, which affirmed the lower court’s decision  and said that because LinkedIn profiles aren’t password-protected, they aren’t subject to the CFAA.

In a statement to TechCrunch, LinkedIn spokesman Greg Snapper expressed his disappointment in the court's Monday decision, saying "This is a preliminary ruling and the case is far from over.”

“We will continue to fight to protect our members’ ability to control the information they make available on LinkedIn. When your data is taken without permission and used in ways you haven’t agreed to, that’s not okay. On LinkedIn, our members trust us with their information, which is why we prohibit unauthorized scraping on our platform.”

Photo by Claire Anderson on Unsplash