hiQ v LinkedIn (9th Cir. Apr 2022): scraping publicly accessible data likely doesn't violate CFAA — but hiQ still settled for $500K
Claim: Ninth Circuit (April 18, 2022) reaffirmed that scraping publicly accessible data likely does not violate the CFAA's "without authorization" provision.
Confidence: Verified.
The cautionary tale: December 2022, hiQ stipulated to a $500,000 judgment and permanent injunction — found liable for breach of LinkedIn's User Agreement (logged-in scraping + use of fake accounts).
The bifurcation:
- Logged-off scraping of public data — generally permissible under CFAA
- Logged-in scraping or accepting ToS — contract-based liability persists
For Candid use: Open-data feeds (StatCan, EIA, MSC) sidestep BOTH the CFAA question AND the contract trap. OGL-Canada is "perpetual"; ToS can change overnight. See Meta v Bright Data (Jan 2024, N.D. Cal.): Facebook/Instagram terms don't bar logged-off scraping of public data for the further-extended precedent and RULE: Build Candid client data products on official open-data feeds — never on scraped sources.
Referenced by (3)
- reference Meta v Bright Data (Jan 2024, N.D. Cal.): Facebook/Instagram terms don't bar logged-off scraping of public data depends-on
- rule RULE: Build Candid client data products on official open-data feeds — never on scraped sources depends-on
- reference Research brief: Public data as a private moat — building proprietary intelligence from government open data (piece 11 of 15) relates-to