LinkedIn Data Scraping Ruled Legal
A court has ruled that it’s legal to scrape publicly available data from LinkedIn, despite the company’s claims that this violates user privacy.
San Francisco-based start-up hiQ Labs harvests user profiles from LinkedIn and uses them to analyze workforce data, for example by predicting when employees are likely to leave their jobs, or where skills shortages may emerge.
After LinkedIn took steps to block hiQ from doing this, hiQ won an injunction two years ago forcing the Microsoft-owned company to remove the block. That injunction has now been upheld by the 9th US Circuit Court of Appeals in a 3-0 decision.
“There is little evidence that LinkedIn users who choose to make their profiles public actually maintain an expectation of privacy with respect to the information that they post publicly, and it is doubtful that they do,” wrote circuit judge Marsha Berzon.
“And as to the publicly available profiles, the users quite evidently intend them to be accessed by others.”
Berzon concluded that the data wasn’t owned by LinkedIn, but by the users themselves. She also noted that blocking hiQ would force the business to close.
The appeal was supported by Craigslist, which has had scraping problems of its own: back in 2015 it settled a similar case with two companies, one of which had been sharing Craigslist data and the other offering alternative interfaces for the site. In this case, it argued that the data scraping could make it easier for ‘bad actors’ to spam users via email, text or phone.
Controversially, LinkedIn attempted to stop hiQ’s activities using the US Computer Fraud and Abuse Act – effectively accusing hiQ of hacking the data.
However, Berzon put paid to the idea that hiQ was ‘free-riding’ on LinkedIn: “LinkedIn could satisfy its ‘free rider’ concern by eliminating the public access option, albeit at a cost to the preferences of many users and, possibly, to its own bottom line,” she said.
She also pointed out that the data being scraped wasn’t private – defined in law as ‘information delineated as private through use of a permission requirement of some sort’. Clearly, there’s no permission required to read a LinkedIn profile.
LinkedIn is considering an appeal.