Rule: no scraping. TPM circumvention is unlawful (TREB v. Mongohouse permanent injunction)
Rule
Rule. Do not access MLS data by bypassing authentication or anti-scraping measures (TPMs). This is the clearest prohibition in the corpus.
Why. TREB v. Mongohouse (2019) — permanent injunction; scraping MLS by circumventing TPMs is unlawful (Copyright Act s.41 + AUA + third-party licence breaches) — Federal Court permanent injunction; framed as Copyright Act s.41 TPM circumvention + AUA breach + third-party licence breaches. TREB deploys anti-scraping services, firewalls, IDS, and encrypted token authentication as Technological Protection Measures (TPMs) — TREB's TPMs are factually established.
How to apply. Any product idea that involves "we'll just scrape the MLS" is dead on arrival. Use the lawful licensed feed paths or the agent-permissioned model — and pair the latter with the Rule: the agent-permissioned (Redatum) seam survived only an injunction — no court has ruled it lawful. Boards actively terminate feeds. Treat as exposed, build resilience caveat.
Related entries
Depends on
- research-notes Research notes (capture-layer): inside the MLS box — what an Ontario member agent's account exposes, what goes unused, and what they're licensed to do with it (June 2026)
- reference TREB deploys anti-scraping services, firewalls, IDS, and **encrypted token authentication** as Technological Protection Measures (TPMs)
- reference TREB v. Mongohouse (2019) — permanent injunction; scraping MLS by circumventing TPMs is unlawful (Copyright Act s.41 + AUA + third-party licence breaches)