October 17, 2021

Volume XI, Number 290

Advertisement
Advertisement

October 15, 2021

Subscribe to Latest Legal News and Analysis

October 14, 2021

Subscribe to Latest Legal News and Analysis

hiQ LinkedIn Data Scraping CFAA Ruling Delayed Pending SCOTUS Decision

As readers of CPW know, data scraping is a hot button data privacy issue.  We previously covered the hiQ/LinkedIn data-scraping saga HERE, and HERE.  In the most recent ruling out of the Northern District of California, Judge Chen denied hiQ’s motion to dismiss LinkedIn’s counterclaims for breach of contract, misappropriation, and trespass to chattels.  Additionally, the Court deferred ruling on the motion to dismiss counterclaims for violation of the Computer Fraud and Abuse Act (“CFAA”) and California Penal Code § 502, pending the Supreme Court’s ruling on LinkedIn’s petition for a writ of certiorari.

What question is pending before the SCOTUS in LinkedIn’s petition for writ?  As LinkedIn phrases it, the issue is “[w]hether a company that deploys anonymous computer ‘bots’ to circumvent technical barriers and harvest millions of individuals’ personal data from computer servers that host public-facing websites—even after the computer servers’ owner has expressly denied permission to access the data—‘intentionally accesses a computer without authorization’ in violation of the Computer Fraud and Abuse Act.”  [Note: In hiQ’s framing, the question is instead whether a professional networking website, such as LinkedIn), may rely on CFAA’s prohibition on “intentionally access[ing] a computer without authorization” to prevent a competitor from accessing information that the website’s users have shared on their public profiles and that is available for viewing by anyone with a web browser.]

In addition to LinkedIn’s petition, the question of “when does a person exceed authorized access under the CFAA?” is also pending before SCOTUS in the case of United States v. Van Buren, 940 F.3d 1192 (11th Cir. 2019), although it involves different facts than the present litigation.  140 S. Ct. 2667 (2020).  According to Judge Chen, both decisions may “have an impact on the instant case.”  And “[t]he Court will be in a better position to address the counterclaim[s] once the Supreme Court has issued its decision in Van Buren and/or the instant case.”

Since the specific question pending before the SCOTUS relates to the meaning of “unauthorized access” under CFAA, it was not surprising that Judge Chen deferred the ruling on the CFAA claims until after the SCOTUS has issued its decision.  What was somewhat more surprising, or interesting, was the Court also deferring ruling under the California Penal Code § 502, pending the SCOTUS ruling.  The Court agreed that although § 502 is not on all fours with the CFAA, the question of whether “as a matter of policy, the use of public information should be deemed criminal conduct” was deemed related to the question of “unauthorized access” under CFAA.

For you novices out there, California Penal Code § 502 makes it unlawful to “knowingly” and “without permission” access, alter, damage, delete, destroy, or otherwise use any data, computer or computer system or network.  In contrast to the CFAA, § 502 does not require “unauthorized access” but rather “knowingly access,” “without permission.”  In other words, what makes the access unlawful, is that the person “without permission” takes, copies, or makes use of’ the data.  Some may say § 502 is more restrictive than CFAA, but regardless, there is no question that both of the currently unanswered questions are bound to have a significant impact in the data-scraping arena.

Regarding hiQ’s motion to dismiss LinkedIn’s counterclaims for breach of contract, misappropriation, and trespass to chattels, the Court considered those adequately pled, raising only factual disputes and questions, which are not meant to be addressed at the pleading stage.  At bottom, hiQ was not successful in its motion to dismiss, but to be fair, the true victory in this case is squarely dependent on the question pending before the SCOTUS.  Stayed tuned for that.  CPW will be there.

© Copyright 2021 Squire Patton Boggs (US) LLPNational Law Review, Volume XI, Number 116
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Zarish Baig Litigation Attorney Squire Patton Boggs Los Angeles, CA
Associate

Zarish Baig is an associate in our Litigation Practice, managing a wide variety of cases, including data privacy, Telephone Consumer Protection Act, breach of contract, white collar criminal matters, and internal and government investigations.

Before joining the firm, Zarish worked as a litigator in a mid-sized firm in the San Francisco Bay Area; and prior to that, as a litigator in Calgary, Canada. Zarish has experience representing clients from all over the world.

Zarish is a skilled trial lawyer and has participated in all stages of litigation on behalf of her clients....

213-689-5152
Kristin L. Bryan Litigation Attorney Squire Patton Boggs Cleveland, OH & New York, NY
Senior Associate

Kristin Bryan is a litigator experienced in the efficient resolution of contract, commercial and complex business disputes, including multidistrict litigation and putative class actions, in courts nationwide.

She has successfully represented Fortune 15 clients in high-stakes cases involving a wide range of subject matters.

As a natural extension of her experience litigating data privacy disputes, Kristin is also experienced in providing business-oriented privacy advice to a wide range of clients, with a particular focus on companies handling customers’ personal data. In this...

216-479-8070
Advertisement
Advertisement
Advertisement