Online Content

Subscribe to Online Content via RSS

This month, an Illinois district court considered another in the series of web scraping disputes that have been working their way through our courts.  In this dispute, CouponCabin, Inc. v. PriceTrace, LLC, No. 18-7525 (N.D. Ill. Apr. 11, 2019), CouponCabin alleged that a competitor, PriceTrace, scraped coupon codes from CouponCabin’s website without authorization and displayed them on its own website.

After discovering PriceTrace’s scraping activities, CouponCabin sent PriceTrace a cease and desist letter demanding that PriceTrace stop scraping data from CouponCabin’s website.  CouponCabin alleged that PriceTrace continued to access and scrape data from CouponCabin’s website even after the C&D letter was sent. As a result, CouponCabin brought several causes of action against PriceTrace, including claims under the Computer Fraud and Abuse Act (CFAA), tortious interference and breach of contract.

The court found that CouponCabin’s C&D letter had revoked PriceTrace’s access to its site and that PriceTrace’s alleged continued access to the website plausibly stated a violation of the CFAA’s “unauthorized access” provision (18 U.S.C. §1030(a)(2)(C)).  Ultimately, however, the court dismissed the CFAA claims with leave to amend, due to plaintiff’s failure to plead the requisite amount of damage or loss as required to maintain a civil action under the CFAA.

“CouponCabin is simply alleging that PriceTrace was able to circumvent CouponCabin’s website security, with no allegation that such evasion impairs or harm the website. Absent allegation of impairment, CouponCabin has merely alleged that PriceTrace accessed CouponCabin’s website without authorization.”

In what is one of the most recent attempts to circumvent the immunity provided in Section 230 of the Communications Decency Act (“CDA” or “CDA Section 230”), the United States District Court for the District of Massachusetts made it clear that claims brought under the Defend Trade Secrets Act (18 U.S.C. §§ 1836, et seq.) (“DTSA”) are not exempt from the scope of CDA immunity. In Craft Beer Stellar, LLC v. Glassdoor, Inc., No. 18-10510, 2018 U.S. Dist. LEXIS 178960 (D. Mass. Oct. 17, 2018)), the district court found that, as stated in the DTSA itself, the DTSA is not an “intellectual property” law, and is therefore not excluded from the scope of the immunity provisions that protect online service providers from being treated as a publisher or distributor of third-party content. The ruling is a victory for online providers, affirming a robust interpretation of CDA immunity and representing what is likely the first judicial view on how federal trade secret claims should be treated under CDA Section 230. 

UPDATE: On January 22, 2019, the Supreme Court denied review of the California Supreme Court decision.

In a closely-followed dispute, the California Supreme Court vacated a lower court order, based upon a default judgment in a defamation action, which had directed Yelp, Inc. (“Yelp”), a non-party to the original suit, to take down certain consumer reviews posted on its site. (Hassell v. Bird, No. S235968, 2018 WL 3213933 (Cal. July 2, 2018)).  If the plaintiffs had included Yelp as a defendant in the original suit, such a suit would have likely been barred by Section 230 of the Communications Decency Act (“CDA” or “CDA Section 230”); instead, the plaintiffs adopted a litigation strategy to bypass such legal immunities.  In refusing to allow plaintiff’s “creative pleading” to avoid the CDA, the outcome was a win for online companies and platforms that host user-generated content (“A Case for the Internet,” declared Yelp).

UPDATE: On November 1, 2018, the court dismissed the plaintiff’s amended complaint (which apparently dropped the CFAA claim and asserted Lanham Act and DMCA claims).  Specifically, the plaintiff asserted, among other things, that defendant removed the copyright management information (CMI) from plaintiff’s listings and website source code. The court ruled that plaintiff failed to show that the generic copyright notice at the footer of each web page covered the listings and images that the defendant allegedly scraped, noting that “websites generally do not claim ownership or authorship over an image just because the image appears on the website.” With no evidence that the defendant removed or altered any CMI from the listings it allegedly scraped, the court held that the DMCA claim failed. Following the filing of a second amended complaint, the court, on March 22, 2019, dismissed the action, with prejudice. Regarding the DMCA claim, the court stated that it was “simply not reasonable to expect a viewer of the website to understand that each photograph was subject to protection when there is nothing near the photographs indicating who owns them. Had Alan Ross intended to assert copyright protection for the photographs it owned, it should have included a watermark or other mark on or near the listings, rather than a general copyright notice at the bottom of the page that does not indicate to what it refers.” The court ruled that a general copyright notice on the bottom of a webpage is not CMI “conveyed in connection with” photographs and listings contained on those webpages. Lastly, the court held that the link to plaintiff’s website terms was also not CMI “conveyed in connection with the work” because the terms were located on a separate page than the listings that were allegedly scraped and did not expressly state ownership of the images and listings, merely that unauthorized copying is prohibited.  Following the dismissal, the plaintiff filed a notice of appeal to the Seventh Circuit.

This past week, an Illinois district court dismissed, with leave to amend, claims relating to a competitor’s alleged scraping of sales listings from a company’s website for use on its own site. (Alan Ross Machinery Corp. v. Machinio Corp., No. 17-3569 (N.D. Ill. July 9, 2018)).

The court dismissed a federal Computer Fraud and Abuse Act (CFAA) claim that the defendant accessed the plaintiff’s servers “without authorization,” finding that the plaintiff failed to plead with specificity any damage or loss related to the scraping and did not allege that the unlawful access resulted in monetary damages of $5,000 or more as required to maintain a civil action under the CFAA.  In the court’s view, the “mere copying of electronic information from a computer system is not enough to satisfy the CFAA’s damage requirement.”  The court also dismissed plaintiff’s breach of contract claims, concluding that defendant did not have notice of the plaintiff’s website terms and conditions based upon an unenforceable browsewrap agreement.

Such Scraping “Plausibly Falls within the Ambit of the First Amendment”

The Ninth Circuit is currently considering the appeal of the landmark hiQ decision, where a lower court had granted an injunction that limited the applicability of the federal Computer Fraud and Abuse Act (CFAA) to the blocking of an entity engaging in commercial data scraping of a public website.  While we wait for that decision, there has been another fascinating development regarding scraping, this time involving a challenge to the CFAA brought by academic researchers.  In Sandvig v. Sessions, No. 16-1368 (D.D.C. Mar. 30, 2018), a group of professors and a media organization, which are conducting research into whether the use of algorithms by various housing and employment websites to automate decisions produces discriminatory effects, brought a constitutional challenge alleging that the potential threat of criminal prosecution under the CFAA for accessing a website “without authorization” (based upon the researchers’ data scraping done in violation of the site’s terms of use) violates their First Amendment rights.

In a preliminary decision, a district court held that the plaintiffs have standing and allowed their as-applied constitutional challenge to the CFAA to go forward with regard to the activity of creating fictitious accounts on web services for research purposes.  The decision contains vivid language on the nature of the public internet as well as how the plaintiffs’ automated collection and use of publicly available web data would not violate the CFAA’s “access” provision even if a website’s terms of service prohibits such automated access (at least with respect to the facts of this case, which involves academic or journalistic research as opposed to commercial or competitive activities).

Today, the President signed H.R. 1865, the “Allow States and Victims to Fight Online Sex Trafficking Act of 2017” (commonly known as “FOSTA”).  The law is intended to limit the immunity provided under Section 230 of the Communications Decency Act (“CDA Section 230”) for online services that knowingly host third-party content that promotes or facilitates sex trafficking. As drafted, the law has retroactive effect and applies even with respect to activities occurring prior to its enactment.

UPDATE: On March 19, 2018, the district court granted the defendant’s motion for certification of the court’s February 15th partial summary judgment decision for interlocutory appeal to the Second Circuit.  In allowing immediate appeal, the court agreed that its prior order “has created tremendous uncertainty for online publishers” and “given the frequency with which embedded images are ‘retweeted,’ the resolution of this legal question has an impact beyond this case.”  We will closely follow the appeal of this important copyright issue.

UPDATE: On July 17, 2018, the Second Circuit denied the petition for interlocutory appeal.

A New York district court recently held that a host of online news publishers and media websites that embedded certain tweets (containing unauthorized uploads of plaintiff’s copyrighted photo) on their websites violated the plaintiff’s exclusive display right, despite the fact that the image at issue was hosted on a server owned and operated by an unrelated third party (i.e., Twitter).  (See Goldman v. Breitbart News Network, LLC, No. 17-03144 (S.D.N.Y. Feb. 15, 2018)).  In doing so, the court declined to adopt the Ninth Circuit’s so-called “server test” first espoused in the 2007 Perfect 10 decision, which held that the infringement of the public display right in a photographic image depends, in part, on where the image was hosted.

Under the “server test,” only a server that actually stored the photographs and “serves that electronic information directly to the user (`i.e., physically sending ones and zeroes over the Internet to the user’s browser’) could infringe the copyright holder’s rights.” In its ruling, the Goldman court granted the plaintiff’s motion for partial summary judgment, and determined that the reasoning of the Perfect 10 decision, which applied to a search engine’s image search function and display of full-size images hosted on third-party servers to a user, was not applicable to the embedding practices the media sites engaged in. 

UPDATE:  On February 22, 2018, the district court granted 3taps’s motion to relate its action to the ongoing hiQ v. LinkedIn litigation. This motion was based upon a local Northern District of California rule that holds that cases should be related when the actions concern substantially the same parties, transaction or event, and there would be an “unduly burdensome duplication of labor…or conflicting results” if the cases were heard before different judges.  As a result, the 3taps case, over the opposition of LinkedIn, was reassigned to Judge Edward Chen, who also presided over the lower court proceedings in the hiQ v. LinkedIn litigation.

In the latest development in the legal controversy over scraping, 3taps, Inc. (“3taps”), a data aggregator and “exchange platform” for developers, filed suit against LinkedIn seeking a declaratory judgment that 3taps would not be in violation of the Computer Fraud and Abuse Act (CFAA) if it accesses and collects publicly-available data from LinkedIn’s website. (3Taps Inc. v. LinkedIn Corp., No. 18-00855 (C.D. Cal. filed Feb. 8, 2018)).  The basis of 3Taps’s complaint is last year’s hotly-debated California district court ruling (hiQ Labs, Inc. v. LinkedIn, Corp., 2017 WL 3473663 (N.D. Cal. Aug. 14, 2017)), where the court granted a preliminary injunction compelling LinkedIn to disable any technical measures it had employed to block a data analytics company from scraping the publicly available data on LinkedIn’s website. The hiQ ruling essentially limited the applicability of the CFAA as a tool against the scraping of publicly-available website data.  [For an analysis of the hiQ lower court decision, please read the Client Alert on our website].

Facebook recently announced that it would make changes to its news feed to prioritize content that users share and discuss and material from “reputable publishers.”  These changes are part of what Mark Zuckerberg says is a refocusing of Facebook from “helping [users] find relevant content to helping [users] have

In a blog post last month, Google announced that it would extend certain commitments it made to the FTC in 2012 that were set to expire relating to, among other things,  the scraping of third-party content for use on certain Google “vertical search” properties such as Google Shopping.  The announcement came days before the commitments were set to expire on December 27th and months after Yelp had claimed that Google was not living up to its promises by allegedly scraping Yelp local business photos for use in certain Google results (e.g., local business listings).