Court rejects LinkedIn claim that unauthorized scraping is hacking

https://cdn.arstechnica.net/wp-content/uploads/2017/08/16525600739_6915413359_k-800x533.jpg

A California federal court has handed a setback to LinkedIn in a case that could determine whether scraping a public website triggers anti-hacking law. The 25-page ruling, released on Monday, holds that federal anti-hacking law isn't triggered by scraping a website, even if the website owner—LinkedIn in this case—explicitly asks for the scraping to stop.

The case pits a business analytics startup called hiQ against the Microsoft-owned behemoth LinkedIn. HiQ scrapes data from publicly available portions of the LinkedIn website, then sells reports to employers about which of their employees seem to be looking for new jobs. LinkedIn sent hiQ a cease-and-desist letter warning that continued scraping could subject hiQ to liability under the Computer Fraud and Abuse Act (CFAA), the anti-hacking legislation Congress enacted in 1986.