Court reaffirms that data scraping isn’t hacking in LinkedIn appeal

The court dismissed LinkedIn's arguments that it had put up "gates" in the form of technical measures to block scraping and legal action.
LinkedIn accounts. (Getty)

The 9th Circuit Court of Appeals on Monday reaffirmed a 2019 ruling that LinkedIn could not ban competitor hiQ Labs from scraping publicly available data on its platform by citing federal hacking laws.

The case dates back to a 2019 lawsuit by HiQ Labs to block a cease-and-desist letter from LinkedIn aimed at halting the company from scraping public data from the social networking site. The court sided with hiQ Labs, deciding that LinkedIn couldn’t invoke federal hacking laws to stop the behavior as it likely did not violate them.

LinkedIn appealed the case to the Supreme Court, which remanded the case back to the 9th Circuit court this summer after its ruling in the Van Buren case, a landmark test of the extent of U.S. hacking laws. The case involved a former Georgia police officer who was accused of violating the Computer Fraud and Abuse Act (CFAA) by looking up license plate data in exchange for bribes. The Supreme Court issued a 6-3 ruling that his improper use of otherwise authorized access didn’t constitute hacking.

While the Van Buren ruling did not directly address the questions in hiQ v. LinkedIn, the 9th Circuit decided that the Supreme Court’s use of a “gates up or gates down analogy” to determine unauthorized versus authorized access applied to the LinkedIn case. The court dismissed LinkedIn’s arguments that it had put up “gates” in the form of technical measures to block scraping and legal action.


“As we have noted, however, a defining feature of public websites is that their publicly available sections lack limitations on access; instead those sections are open to anyone with a web browser,” the court wrote. “In other words, applying the ‘gates analogy’ to a computer hosting publicly available webpages, that computer has erected no gates to lift or lower in the first place.”

Tech companies have fiercely opposed the idea of data scraping off their platforms in recent years. For instance, major facial recognition vendor Clearview AI has been challenged in court by both social media companies and advocacy groups who say its scraping public photos off social media platforms to build its facial recognition technology poses societal harms. Conversely, academics have argued that companies like Facebook have censored research into their technologies by shutting down academic data scraping projects.

“We’re disappointed, but this was a preliminary ruling and the case is far from over,” LinkedIn wrote in a statement to CyberScoop. “We will continue to fight to protect our members’ ability to control the information they make available on LinkedIn.”

Updated 4/18/22: To include a statement from LinkedIn.

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts