UPDATE: On October 22, 2018, the court denied the defendant’s CEO’s motion to dismiss for lack of personal jurisdiction. Subsequently, on January 2, 2019, the parties settled the matter and stipulated to a dismissal of the case.
This past week, a Texas district court denied a bid from a web service for a temporary restraining order (TRO) to enjoin a competitor that allegedly scraped a large amount of proprietary data from its closed site via several user accounts. (BidPrime, LLC v. SmartProcure, Inc., No. 18-478 (W.D. Tex. June 18, 2018)). While tempting to draw a general legal conclusion about the permissibility of scraping from this decision, the decision was in fact based on the judgement of the court that scraping was unlikely to continue during the pendency of the litigation.
Nonetheless, the dispute highlights the host of legal issues that can arise when an entity accesses a website or database to scrape data for competitive or other reasons using user credentials or fake accounts or proxies to mask its true identity. For example, the plaintiff BidPrime, LCC (“BidPrime”) sought injunctive relief based upon claims under the federal Computer Fraud and Abuse Act (CFAA) and state law counterpart, state trade secret law, and breach of contract, among others. Whether such claims are viable are of course dependent on the specific facts and circumstances of the dispute, the restrictions contained in the website terms of use, what countermeasures and demands the website owner made to the web scraper to prevent unwanted access, and the state of the current interpretation of applicable law. This decision did not analyze these factors beyond concluding that ongoing scraping was unlikely.