Court Rules That 'Scraping' Public Website Data Isn't Hacking

Scraping public data from a website doesn't constitute "hacking," according to a new court ruling that could dramatically limit abuse of the United States' primary hacking law. From a report: The ruling comes after a lengthy battle between data analytics firm HiQ Labs and Microsoft owned LinkedIn, which have been at each other's throats for several years over HiQ Labs' practice of scraping the business social networking website's public-facing data, then selling it (fused with other datasets) to a laundry list of employers. In the ruling by The Ninth Circuit Court of Appeals, the court shot down LinkedIn's claim that access to this public data violated the Computer Fraud and Abuse Act (CFAA). In its declaration, the court ruled that to violate the CFAA, somebody would need to actually "circumvent [a] computer's generally applicable rules regarding access permissions, such as username and password requirements," meaning it's not really hacking if you're not bypassing some kind of meaningful authorization system.

Dupe?

[Mister Transistor]

Dupe?

FP!

Re:

[msauve]

The article, msmash, or both?

Re:

[weilawei]

The article, msmash, or both?
--
"National Security is the chief cause of national insecurity." - Celine's First Law

Re:

[Ambient Sheep]

Yup, looks that way. From two days ago:

https://yro.slashdot.org/story... [slashdot.org]

Re:

[DickBreath]

It is NOT a dupe.

It is merely scraping the contents of the earlier article. Which cannot be considered hacking.

not with wget!

[BringsApples]

--Aaron Swartz

Re:

[weilawei]

I wonder if his estate will bring suit against JSTOR.

Re:

[schwit1]

Dismissed because of qualified immunity.

This should be interesting...

[That YouTube Guy]

I guess that explains why YouTube doesn't shut down websites that re-host entire channels using HTML code. It's not scraping if the data doesn't require authentication.

Good thing it's legal now

[SuperKendall]

Or else Slashdot could be charged with scraping previous stories!

What about ROBOTS.TXT

[Chromal]

What if it's forbidden by ROBOTS.TXT and you persist regardless and against the wishers of the site operator? It's still 'breaking and entering' if a door is unlocked and you intend to violate the owner's property rights. I'm mostly just curious how a court determines whether or not something was an authorized access if it's 'open' but expressly forbidden.

Re:

[will_die]

The exact wording is "circumvent [a] computer's generally applicable rules regarding access permissions" and the law makes it a crime to access âoewithout authorization.â.
You can make the case robot.txt is a safety measure not a permission. Same as a lift latch is not a locked door
But if you call robot.txt a permission then it would be a generally accepted rule regarding access so this decision would say you cannot scrap it.

Re:

[Glen Ruedinger]

So what if I never looked at ROBOTS.TXT. This is more like you have a bunch of signs outside your house that I read as I drive by and one of them labeled ROBOTS.TXT says that I can't read the other signs. There is no door to enter. Don't want you data public, put it behind a door, not in your front yard. case closed.

Re:

[AHuxley]

If the web site is open to the internet and is readable by human eyes?
Dont want humans reading s web site, dont put the dataset on the internet.
Can the human eyes do a lot of trespassing on a web site open to the internet?
Hire 100 people to "read" and save each page per larger site?
What would a ROBOTS.TXT actually do to a website if a human is searching, clicking to get further into the site?
ie surfing the site and saving each page/result?
Find that rate of 100 people doing that read/save work as shif