HiQ Labs v. LinkedIn

Last updated

hiQ Labs, Inc. v. LinkedIn Corp
Seal of the United States Courts, Ninth Judicial Circuit.svg
CourtUnited States Court of Appeals for the Ninth Circuit
Decided9 September 2019
Citation(s)938 F.3d 985
Case history
Prior action(s)273 F. Supp. 3d 1099 (N.D. Cal. 2017)
Subsequent action(s) Cert. granted, judgment vacated, 141 S. Ct. 2752, 210 L. Ed. 2d 902 (2021);
Adhered to on remand, 31 F.4th 1180 (9th Cir. 2022)
Court membership
Judge(s) sitting Marsha Berzon, John Clifford Wallace, Terrence Berg

hiQ Labs, Inc. v. LinkedIn Corp., 938 F.3d 985 (9th Cir. 2019), was a United States Ninth Circuit case about web scraping. The 9th Circuit affirmed the district court's preliminary injunction, preventing LinkedIn from denying the plaintiff, hiQ Labs, from accessing LinkedIn's publicly available LinkedIn member profiles. hiQ is a small data analytics company that used automated bots to scrape information from public LinkedIn profiles.

Contents

The court ruled that hiQ had the right to do web scraping. [1] [2] [3] However, the Supreme Court, based on its Van Buren v. United States decision, [4] vacated the decision and remanded the case for further review in June 2021. In a second ruling in April 2022 the Ninth Circuit affirmed its decision. [5] [6] In November 2022 the U.S. District Court for the Northern District of California ruled that hiQ had breached LinkedIn's User Agreement and a settlement agreement was reached between the two parties. [7]

Background

LinkedIn served hiQ with a cease-and-desist, demanding that hiQ cease its activity of accessing and copying data from LinkedIn's server. hiQ filed suit against LinkedIn, seeking both injunctive relief under California law and a declaratory judgment to prevent LinkedIn from lawfully invoking the Computer Fraud and Abuse Act (CFAA), the Digital Millennium Copyright Act (DMCA), California Penal Code § 502(c), or the common law of trespass against hiQ.

Ninth Circuit

The Ninth Circuit affirmed the district court's award of a preliminary injunction in hiQ's favor, finding that "hiQ established a likelihood of irreparable harm because the survival of its business was threatened." [8]

The Ninth Circuit held that there was no abuse of discretion by the district court where the court had found that even if some LinkedIn users retained their privacy despite their public status, as they were not scraped, such privacy interests did not outweigh hiQ's interest in maintaining its business.

In balancing the hardships, the Ninth Circuit determined it weighed in favor of hiQ. Further, the Ninth Circuit noted that hiQ posed serious concerns with regards to "(1) the merits of its claim for tortious interference with contract, alleging that LinkedIn intentionally interfered with its contracts with third parties, and (2) the merits of LinkedIn’s legitimate business purpose defense." [8]

Additionally, there was a serious contention as to whether the CFAA preempted hiQ's state law causes of action, specifically because the CFAA prohibits accessing a computer without authorization or exceeding one's authorization to obtain information from a protected computer. LinkedIn asserted that following the receipt of its cease-and-desist letter, hiQ's scraping and further use of its data without authorization fell within the meaning of "without authorization" within the CFAA.

The Ninth Circuit affirmed the district court's finding that public interest favored the granting of a preliminary injunction. In his concurring opinion, Judge Wallace specified his concern about the appeal of a preliminary injunction initiated in order to obtain an appellate court's take on the merits.

Ultimately, the Ninth Circuit's affirmation of the district court's grant of the preliminary injunction prohibited LinkedIn from denying hiQ access to publicly available data on public LinkedIn users' profiles.

Supreme Court

LinkedIn petitioned the Supreme Court to review the Ninth Circuit's decision. [9] In an order on June 14, 2021, [10] the Supreme Court vacated the Ninth Circuit's decision on the basis of their ruling on CFAA the week prior in Van Buren v. United States , which had ruled that the "exceeds authorized access" of CFAA only applies when an individual has valid access to a system but accesses parts of a system they are not intended to access. [4] The case was remanded to the Ninth Circuit for further review under Van Buren. [11]

In a second ruling in April 2022 the Ninth Circuit affirmed its decision. [5] [6]

Implications

The Ninth Circuit's declaration that selectively banning potential competitors from accessing and using data that is publicly available can be considered unfair competition under California law may have large implication for antitrust law. [ citation needed ]

Other countries with laws to prevent monopolistic practices or anti-trust laws may also see similar disputes and prospectively judgements hailing commercial use of publicly accessible information. While there is global precedence by virtue of large companies such as Thomson Reuters, Bloomberg or Google effectively using web-scraping or crawling to aggregate information from disparate sources across the web, fundamentally the judgement by Ninth Circuit fortifies the lack of enforceability of browse-wrap agreements over conduct of trade using publicly available information.

Related Research Articles

<span class="mw-page-title-main">Computer Fraud and Abuse Act</span> 1986 United States cybersecurity law

The Computer Fraud and Abuse Act of 1986 (CFAA) is a United States cybersecurity bill that was enacted in 1986 as an amendment to existing computer fraud law, which had been included in the Comprehensive Crime Control Act of 1984. Prior to computer-specific criminal laws, computer crimes were prosecuted as mail and wire fraud, but the applying law was often insufficient.

<i>A&M Records, Inc. v. Napster, Inc.</i> US legal case

A&M Records, Inc. v. Napster, Inc., 239 F.3d 1004 was a landmark intellectual property case in which the United States Court of Appeals for the Ninth Circuit affirmed a district court ruling that the defendant, peer-to-peer file sharing service Napster, could be held liable for contributory infringement and vicarious infringement of copyright. This was the first major case to address the application of copyright laws to peer-to-peer file sharing.

<i>In re Aimster Copyright Litigation</i>

In re Aimster Copyright Litigation, 334 F.3d 643, was a case in which the United States Court of Appeals for the Seventh Circuit addressed copyright infringement claims brought against Aimster, concluding that a preliminary injunction against the file-sharing service was appropriate because the copyright owners were likely to prevail on their claims of contributory infringement, and that the services could have non-infringing users was insufficient reason to reverse the district court's decision. The appellate court also noted that the defendant could have limited the quantity of the infringements if it had eliminated an encryption system feature, and if it had monitored the use of its systems. This made it so that the defense did not fall within the safe harbor of 17 U.S.C. § 512(i). and could not be used as an excuse to not know about the infringement. In addition, the court decided that the harm done to the plaintiff was irreparable and outweighed any harm to the defendant created by the injunction.

<i>BMG Music v. Gonzalez</i> U.S. court case

BMG Music v. Gonzalez, 430 F.3d 888, was a court decision in which the United States Court of Appeals for the Seventh Circuit ruled that a record company could sue a person who engaged in online sharing of music files for copyright infringement. The decision is noteworthy for rejecting the defendant's fair use defense, which had rested upon her contention that she was merely "sampling" songs with the intention of possibly purchasing the downloaded songs in the future, a practice known informally as "try before you buy".

Winter v. Natural Resources Defense Council, 555 U.S. 7 (2008), was a decision by the United States Supreme Court concerning whether federal law restricted the United States Navy's ability to use sonar during drills given the possibility of a harmful effect on marine mammals such as whales.

Salazar v. Buono, 559 U.S. 700 (2010), was a decision by the Supreme Court of the United States regarding the establishment clause of the First Amendment to the United States Constitution. The case concerned the legality of the Mojave Memorial Cross, a Latin cross which was placed atop a prominent rock outcropping by the Veterans of Foreign Wars foundation in 1934 to honor war dead. The location is known as "Sunrise Rock" in the Mojave National Preserve in San Bernardino County in southeastern California. The Supreme Court ruled that the cross may stay, but also sent the case back to a lower court, making the issue currently unresolved.

<i>Cartoon Network, LP v. CSC Holdings, Inc.</i> American legal case

Cartoon Network, LP v. CSC Holdings, Inc., 536 F.3d 121, was a United States Court of Appeals for the Second Circuit decision regarding copyright infringement in the context of DVR systems operated by cable television service providers. It is notable for partially overturning the Ninth Circuit precedent MAI Systems Corp. v. Peak Computer, Inc., regarding whether a momentary data stream is a "copy" per copyright law.

<i>Facebook, Inc. v. Power Ventures, Inc.</i> Lawsuit brought by Facebook in the United States

Facebook, Inc. v. Power Ventures, Inc. is a lawsuit brought by Facebook in the United States District Court for the Northern District of California alleging that Power Ventures Inc., a third-party platform, collected user information from Facebook and displayed it on their own website. Facebook claimed violations of the CAN-SPAM Act, the Computer Fraud and Abuse Act ("CFAA"), and the California Comprehensive Computer Data Access and Fraud Act. According to Facebook, Power Ventures Inc. made copies of Facebook's website during the process of extracting user information. Facebook argued that this process causes both direct and indirect copyright infringement. In addition, Facebook alleged this process constitutes a violation of the Digital Millennium Copyright Act ("DMCA"). Finally, Facebook also asserted claims of both state and federal trademark infringement, as well as a claim under California's Unfair Competition Law ("UCL").

<i>Playboy Enterprises, Inc. v. Netscape Communications Corp.</i> Legal case concerning trademark infringement and dilution

Playboy Enterprises, Inc. v. Netscape Communications Corp., 354 F.3d 1020 was a case regarding trademark infringement and trademark dilution decided by the United States Court of Appeals for the Ninth Circuit. The ruling addressed unauthorized use of trademarked terms when using web search data to determine the recipients of banner ads.

Omega S. A. v. Costco Wholesale Corp., 541 F.3d 982, was a case decided by the Ninth Circuit Court of Appeals that held that in copyright law, the first-sale doctrine does not act as a defense to claims of infringing distribution and importation for unauthorized sale of authentic, imported watches that bore a design registered in the Copyright Office. It is contrasted with Kirtsaeng v. John Wiley & Sons, Inc.

<i>LVRC Holdings LLC v. Brekka</i>

LVRC Holdings v. Brekka 581 F.3d 1127, 1135 is a Ninth Circuit Court of Appeals Decision that deals with the scope of the concept of "authorization" in the Computer Fraud and Abuse Act. The major finding of this case is that even if an employee accesses a computer for an improper purpose, such as one that violates the duty of loyalty to their employer, the employee remains authorized to access the computer until the employer revokes the employee's access. The findings of this case were upheld by another Ninth Circuit decision in United States v. Nosal, 676 F.3d 854 and are the current law in this circuit.

<i>United States v. Nosal</i> United States Court of Appeals for the Ninth Circuit decision

United States v. Nosal, 676 F.3d 854 was a United States Court of Appeals for the Ninth Circuit decision dealing with the scope of criminal prosecutions of former employees under the Computer Fraud and Abuse Act (CFAA). The Ninth Circuit's first ruling established that employees have not "exceeded authorization" for the purposes of the CFAA if they access a computer in a manner that violates the company's computer use policies—if they are authorized to access the computer and do not circumvent any protection mechanisms.

<i>Conant v. Walters</i>

Conant v. Walters, 309 F.3d 629, is a legal case decided by the United States Court of Appeals for the Ninth Circuit, which affirmed the right of physicians to recommend medical marijuana. The Court of Appeals affirmed the earlier decision of the United States District Court for the Northern District of California, which was filed under the caption Conant v. McCaffrey. Though the case involved chronic patients with untreatable diseases, the decision does not name these conditions as a prerequisite, nor does it limit drugs which may or may not be illegal.

Fox Broadcasting Co. v. Dish Network, LLC is a copyright case in which the United States District Court for the Central District of California, by granting partial summary judgment, denied most parts of the copyright claims presented by Fox Broadcasting Company (Fox) against Dish Network (Dish) for its service, a DVR-like device that allowed users to record programming that could be accessed later through any Internet-connected device. The service offered by Dish also allowed users to record any or all Fox's prime-time programs and to automatically skips commercials (AutoHop).

<i>Craigslist Inc. v. 3Taps Inc.</i> 2013 Northern District of California Court case

Craigslist Inc. v. 3Taps Inc., 942 F.Supp.2d 962 was a Northern District of California Court case in which the court held that sending a cease-and-desist letter and enacting an IP address block is sufficient notice of online trespassing, which a plaintiff can use to claim a violation of the Computer Fraud and Abuse Act.

American Broadcasting Cos., Inc. v. Aereo, Inc, 573 U.S. 431 (2014), was a United States Supreme Court case. The Court ruled that the service provided by Aereo, which allowed subscribers to view live and time-shifted streams of over-the-air television on Internet-connected devices, violated copyright laws.

<i>Garcia v. Google, Inc.</i> Legal case

Garcia v. Google, Inc., 786 F.3d 733, is an ongoing dispute that arose when Cindy Lee Garcia sued Google and its video-sharing website, YouTube, to have the controversial film, Innocence of Muslims, taken down from the site. A California district court denied Garcia's motion for preliminary injunction, but, on appeal, a panel of the United States Court of Appeals for the Ninth Circuit reversed the lower court's decision, ordered YouTube to take down all copies of Innocence of Muslims, and remanded the case to the district court for reconsideration. In May 2015, in an en banc opinion, the Ninth Circuit reversed the panel's decision, vacating the order for the preliminary injunction.

Wolf v. Vidal, 591 U.S. ___ (2020), was a case that was filed to challenge the Trump Administration's rescission of Deferred Action for Childhood Arrivals (DACA). Plaintiffs in the case are DACA recipients who argue that the rescission decision is unlawful under the Administrative Procedure Act and the Fifth Amendment. On February 13, 2018, Judge Garaufis in the Eastern District of New York addressed the question of whether the government offered a legally adequate reason for ending the DACA program. The court found that Defendants did not provide a legally adequate reason for ending the DACA program and that the decision to end DACA was arbitrary and capricious. Defendants have appealed the decision to the Second Circuit Court of Appeals.

Van Buren v. United States, 593 U.S. ___ (2021), was a United States Supreme Court case dealing with the Computer Fraud and Abuse Act (CFAA) and its definition of "exceeds authorized access" in relation to one intentionally accessing a computer system they have authorization to access. In June 2021, the Supreme Court ruled in a 6–3 opinion that one "exceeds authorized access" by accessing off-limit files and other information on a computer system they were otherwise authorized to access. The CFAA's language had long created a circuit split in case law, and the Court's decision narrowed the applicability of CFAA in prosecuting cybersecurity and computer crime.

Biden v. Texas, 597 U.S. ___ (2022), was a United States Supreme Court case related to administrative law and immigration.

References

  1. Crocker, Andrew; Fischer, Camille (September 10, 2019). "Victory! Ruling in hiQ v. Linkedin Protects Scraping of Public Data". Electronic Frontier Foundation.
  2. Katris, Basileios "Bill"; Schaul, Robert J. (September 30, 2019). "Data Scraping Survives! (At Least for Now) Key Takeaways from 9th Circuit Ruling on the HIQ vs. Linkedin Case". The National Law Review.
  3. Heimes, Rita (September 20, 2019). "Data scraping and the implications of the latest LinkedIn-hiQ court ruling". iapp.org. International Association of Privacy Professionals.
  4. 1 2 Van Buren v. United States ,No. 19-783 , 593 U.S. ___, 141 S. Ct. 1648, 210 L. Ed. 2d 26 (2021).
  5. 1 2 hiQ Labs v. LinkedIn Corp., 31F.4th1180 (9th Cir.2022).
  6. 1 2 Whittaker, Zack (April 18, 2022). "Web scraping is legal, US appeals court reaffirms". TechCrunch.
  7. "hiQ and LinkedIn Reach Proposed Settlement in Landmark Scraping Case". The National Law Review. Retrieved December 22, 2022.
  8. 1 2 hiQ Labs v. LinkedIn Corp., 938F.3d985 (9th Cir.2019).
  9. Davis, Wendy (November 15, 2019). "LinkedIn To Ask Supreme Court To Intervene In Scraping Battle With HiQ". www.mediapost.com.
  10. LinkedIn Corp. v. hiQ Labs, Inc.,141S. Ct.2752, 210 L. Ed. 2d 902(2021).
  11. Chung, Andrew (June 14, 2021). "U.S. Supreme Court revives LinkedIn bid to shield personal data". Reuters . Retrieved June 14, 2021.