Screen Scraping

Subscribe to Screen Scraping via RSS

A California district court issued an important opinion in a dispute between a ticket sales platform and a ticket broker that employed automated bots to purchase tickets in bulk. (Ticketmaster L.L.C. v. Prestige Entertainment, Inc., No. 17-07232 (C.D. Cal. Jan. 31, 2018)). For those of us who have been following the evolution of the law around the use of automation to scrape websites, this case is interesting. The decision interprets some of the major Ninth Circuit decisions of recent memory on liability for web scraping.  Indeed, two weeks ago, we wrote about a case in which the Ninth Circuit interpreted certain automated downloading practices under the CFAA and CDAFA. Also, we wrote about and are awaiting the decision in the hiQ v. LinkedIn appeal before the Ninth Circuit. Also prior posts on the topic include a discussion of a noteworthy appeals court opinion that examined scraping activity under copyright law and the scope of liability under the DMCA anticircumvention provisions.  These seminal decisions and the issues they raise were expressly or implicitly addressed in the instant case. While we will briefly review some of the highlights of this decision below, the case is a must-read for website operators and entities that engage in web scraping activities.

UPDATE: On September 27, 2018, the Supreme Court granted Rimini Street, Inc.’s petition for a writ of certiorari asking the Court to review part of the multi-million dollar damage award against it for costs and resolve an apparent circuit split over whether so-called “non-taxable costs” may be awarded under the Copyright Act (which allows for the recovery of “full costs”).  The question presented is: “Whether the Copyright Act’s allowance of “full costs” (17 U.S.C. § 505) to a prevailing party is limited to taxable costs under 28 U.S.C. §§ 1920 and 1821, as the Eighth and Eleventh Circuits have held, or also authorizes non-taxable costs, as the Ninth Circuit holds.”  On March 4, 2019, the Supreme Court ruled that the term “full costs” in §505 of the Copyright Act is limited to the six categories of taxable costs as specified at 28 U.S.C. §§1821 and 1920.

Earlier this month, the Ninth Circuit issued a noteworthy ruling in a dispute between an enterprise software licensor and a third-party support provider.  The case is particularly important as it addresses the common practice of using automated means to download information (in this case, software) from websites in contravention of website terms and conditions.  Also, the case examines and interprets fairly “standard” software licensing language in light of evolving business practices in the software industry. (Oracle USA, Inc. v. Rimini Street, Inc., No. 16-16832 (9th Cir. Jan. 8, 2018)).

In a blog post last month, Google announced that it would extend certain commitments it made to the FTC in 2012 that were set to expire relating to, among other things,  the scraping of third-party content for use on certain Google “vertical search” properties such as Google Shopping.  The announcement came days before the commitments were set to expire on December 27th and months after Yelp had claimed that Google was not living up to its promises by allegedly scraping Yelp local business photos for use in certain Google results (e.g., local business listings).

This past week, the Supreme Court denied the petitions for certiorari in two noteworthy Ninth Circuit decisions that had interpreted the scope of liability under the federal Computer Fraud and Abuse Act (CFAA) in the context of wrongful access of company networks by employees and in instances involving unwanted data

In a new development in an important scraping dispute, LinkedIn appealed the lower court’s decision to grant a preliminary injunction compelling LinkedIn to disable any technical measures it had employed to block the defendant’s data scraping activities.  LinkedIn’s brief was filed on October 3, 2017.  In it, LinkedIn asserts that

Craigslist has used a variety of technological and legal methods to prevent unauthorized parties from violating its terms of use by scraping, linking to, or accessing user postings for their own commercial purposes. For example, in April, craigslist obtained a $60.5 million judgment against a real estate listings site that had allegedly received scraped craigslist data from another entity. And craigslist recently reached a $31 million settlement and stipulated judgment with Instamotor, an online and app-based used car listing service, over claims that Instamotor scraped craigslist content to create listings on its own service and sent unsolicited emails to craigslist users for promotional purposes.  (Craigslist, Inc. v. Instamotor, Inc., No. 17-02449 (Stipulated Judgment and Permanent Injunction Aug. 3, 2017)).  

A Green Light for Screen Scraping? Proceed With Caution…

UPDATE:  As expected, LinkedIn appealed the lower court’s decision to grant a preliminary injunction compelling LinkedIn to disable any technical measures it had employed to block the defendant’s data scraping activities.  LinkedIn’s brief was filed on October 3, 2017.  In

Screen scraping is a problem that has vexed website owners since the early days of e-commerce – how to make valuable content available to users and customers, but prevent competitors from accessing such content for commercial purposes.  Even in the advent of social media, mobile commerce, and advanced software, the issue remains relevant to today’s companies, as evidenced by the craigslist’s victory this past week against an aggregator that had formerly scraped its user postings.

An ongoing dispute from this past winter that we have been watching has raised these long-standing issues anew.

Heritage Auctions, a major auction house that specializes in rare coins, entertainment memorabilia and natural historical items, has brought a multi-count suit against Christie’s, alleging that its competitor scraped millions of proprietary and copyrighted photos and listings from Heritage’s website and reposted them on its own subscriber-only auction site Collectrium. (Heritage Capital Corp. v. Christie’s, Inc., No. 16-03404 (N.D. Tex. filed Dec. 9, 2016)).  Plaintiffs claim that Collectrium removed copyright notices from the original listings and photos and ported the data onto its own site, thereby saving significant costs from producing similar listings or paying licensing fees and allegedly causing harm to Heritage in additional IT-related costs and diverted or lost business.

For years, craigslist has aggressively used technological and legal methods to prevent unauthorized parties from violating its terms of use by scraping, linking to or accessing user postings for their own commercial purposes.  In its latest judicial victory, on April 13, 2017, craigslist obtained a $60.5 million judgment against Radpad on various claims relating to harvesting content from craigslist’s site and sending unsolicited commercial emails to craigslist users. (Craigslist, Inc. v. RadPad, Inc., No. 16-01856 (N.D. Cal. Apr. 13, 2017)).

UPDATE: On January 18, 2019, the Ninth Circuit affirmed the award of damages and injunctive relief in favor of Facebook. (Facebook, Inc. v. Power Ventures, Inc., No. 17-16161 (9th Cir. Jan. 18, 2019) (unpublished)). The California district court in 2017 had awarded Facebook almost $80,000 in CFAA damages, representing only the period after Facebook sent its cease and desist letter to the defendant and including expenses both for technical measures to block Power Ventures from accessing Facebook servers and expenses for negotiating with Power Ventures to voluntarily stop its activities and destroy the data.  The lower court also granted Facebook’s request for a permanent injunction barring defendant from, among other things, accessing Facebook for a commercial purpose without permission.

  • Unauthorized Access: A former employee, whose access has been revoked, and who uses a current employee’s login credentials to gain network access to his former company’s network, violates the CFAA. [U.S. v. Nosal, 2016 WL 3608752 (9th Cir. July 5, 2016)]
  • Data Scraping: A commercial entity that accesses a public website after permission has been explicitly revoked can be civilly liable under the CFAA. However, a violation of the terms of use of a website, without more, cannot be the basis for liability under the CFAA, a ruling that runs contrary to language from one circuit level decision regarding potential CFAA liability for screen scraping activities (See e.g., EF Cultural Travel BV v. Zefer Corp., 318 F.3d 58 (1st Cir. 2003)). [Facebook, Inc. v. Power Ventures, Inc., No. 13-17102 (9th July 12, 2016)]

This past week, the Ninth Circuit released two important decisions that clarify the scope of liability under the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030.  The Act was originally designed to target hackers, but has lately been brought to bear in many contexts involving wrongful access of company networks by current and former employees and in cases involving the unauthorized scraping of data from publicly available websites.