Hiq Labs, Inc. v. Linkedin Corporation

Summary

HiQ Labs challenged LinkedIn's use of technical measures to prevent scraping of publicly available profile data, raising questions about computer access authorization and data collection rights.

Holding

The Ninth Circuit vacated the preliminary injunction and remanded the case to the district court for reconsideration in light of the Supreme Court's decision in Van Buren v. United States, which narrowed the scope of the Computer Fraud and Abuse Act (CFAA). The court determined that Van Buren's interpretation—that the CFAA prohibits accessing computers without authorization but not exceeding authorized access to obtain information—required fresh analysis of whether scraping publicly accessible data violates the CFAA.

Key Facts

HiQ Labs scraped publicly available LinkedIn profiles to provide workforce analytics. LinkedIn sent a cease-and-desist letter and implemented technical barriers to block HiQ's access. The key legal question centered on whether accessing publicly available data without permission violates the CFAA's prohibition on accessing computers 'without authorization.' The case has significant implications for web scraping, data portability, and the boundaries between public data access and unauthorized computer access. The Supreme Court's Van Buren decision fundamentally changed the CFAA analysis by distinguishing between gatekeeping restrictions (authorization to access) and use restrictions (what you do with authorized access), requiring courts to reconsider whether technical barriers to public data constitute authorization requirements under the CFAA.

Status Timeline