• START
  • SCRAPING
    • SCRAPING DEFINED
    • SCRAPER BOTS
    • SCRAPING THREATS
    • SECTORS AT RISK
  • SERVICES
  • CLIENTS
  • ABOUT
  • RESOURCES
    • SCRAPING NEWS
    • SCRAPESENTRY THREAT REPORT 2014
    • CASE STUDIES
    • SCRAPING FAQ
    • SCRAPING TERMINOLOGY
  • CONTACT

Blog Post

02
SEP
2014

Web scraping and the Computer Fraud and Abuse Act

Tags : legal, personal data, screen scraping
Posted By : Martin Zetterlund
Comments : Off

Over the years web scraping has rapidly increased, and in 2013, about 23% of all internet traffic was scraping-related. It is extremely easy to perform as just simple online search will provide step-by-step guides of how to do it. This could also have something to do with it gradually increasing over time as people are connected to the internet more now than before.

Should we combat web scraping?

There are some cases in which web scraping can be very disruptive to the general public. Due to this, the Computer Fraud and Abuse Act (CFAA) was created to combat web scraping.  The CFAA imposes liability on “whoever…intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains…information from any protected computer”. This has helped to solve many cases, but there is one main underlying question, does web scraping actually violate the CFAA?

The CFAA was originally intended to be an anti-hacking statute, not used to combat web scraping. Many think that web scraping doesn’t violate the CFAA because it only accesses information on websites that is already publicly available, which means that it doesn’t violate the CFAA. However, things are never as simple as they seem, just as there are always two sides to an argument. There are many cases where the CFAA have intervened in web scraping.

On one side of the web scraping debate are the people who are simply accessing public information and are not actually harming anyone through web scraping. For example, companies that have limited resources make use of web scraping to access large amounts of data quickly, so that they can identify what is needed on the market according to consumer demand. This, technically, helps the general public if they then generate whatever is in demand, so here there would probably not be many complaints about violating the CFAA.

However, on the flipside of this argument are the people who use web scraping to con people out of money, or just to generally disrupt day-to-day life. These websites will take data and use it against the individual person. An example of this is a website called Jerk.com which supposedly scraped personal information from Facebook, changing people’s profiles to identify them as a “Jerk” or “not a Jerk”. The people who were affected were then allegedly told that if they wanted to get rid of the labels, they could remove them by paying $30 to the website. This affected around 73 million people. Fair enough to say, all these victims (including children) were not amused by this kind of web scraping, so it is easy to understand why many argue about web scraping violating the CFAA.

Has the CFAA been successful combating web scraping?

Yes and no. The CFAA was not originally intended to combat web scraping; it was designed to prevent hacking as mentioned earlier. This means that in some scraping cases that are brought forward to the courts, claiming CFAA violation has been a success, whereas in others, the courts have been more unwilling to accept the CFAA violation case.

Again, there are usually two types of cases brought forward. One of these is by websites that have been scraped, contacted the other website which is scraping them, and clearly revoking authorization for them to use any information gathered. If the scraping website continues to gather information despite being politely asked (or more likely warned) to stop, they can be taken to court under the violation of the CFAA. These types of cases have had the most success in court. This is most likely because the ‘victim’ website contacts the other website and tries to solve the problem, which means that the CFAA will definitely be violated if that website then continues to scrape information without authorization.

So, from this, how do we know when publicly available data actually is publicly available? Should we really upload personal information on websites such as Facebook? This is still an ongoing debate to which there are many sides. However, it is good to be aware of everything that can happen when using the internet. Being socially aware is the key to protecting yourself against online fraud, and if something does eventually affect you, remember that when properly used, the CFAA remains a feasible tool to combat web scraping.

Others also read

  • Is screen scraping legal?
  • Changing IP address in order to scrape website a violation against US lawChanging IP address in order to scrape website a violation against US law
  • Protecting personal data from screen scraping

Social Share

Need to talk to an expert?

We have helped several companies in various sectors since 2006. Are you afraid that your business is at risk? Then you should talk to one of our anti scraping experts. We operate with integrity and respect your confidentiality.
Contact us today!

Stop scraping and bad bots with ScrapeSentry

ScrapeSentry is a complete combination of technology, behavioral analysis, expertise and most importantly 24/7 human moderation. Find out how ScrapeSentry can secure your business!
Read more!

Recent Articles

scraping_airlines_skiplagged

United Airlines and Orbitz sue Skiplagged the hidden-city ticketing site for scraping

January 26, 2020
scraping_problems_in_ticketing

The Scraping Problem in Ticketing - View Slideshow

April 09, 2020
scraper_report_tool

Google Launches Google Scraper Report Form

April 07, 2020
scraper_bots_linkedin

Competitor Used Scraper Bots in Order to Copy Linkedin Profiles

April 04, 2020
scrapers_in_ticketing

Ticketmaster Sues Notorious Ticket Scraper Higs

March 28, 2020

ScrapeSentry - The Anti Scraping Service

We offer guaranteed detection and scraping prevention in near real-time. A combination of technology, behavioral analysis, expertise and most importantly 24/7 human moderation.
More about ScrapeSentry!

The ScrapeSentry Threat Report

ScrapeSentry Threat Report 2014 is a report based on data from the world's largest database for scraping related activity. The report shows an increase in scraping related activity since 2013.
Download the report!

Recent Articles in our Newsroom

scraping_airlines_skiplagged

United Airlines and Orbitz sue Skiplagged the hidden-city ticketing site for scraping

January 26, 2020
scraping_problems_in_ticketing

The Scraping Problem in Ticketing - View Slideshow

April 09, 2020
scraper_report_tool

Google Launches Google Scraper Report Form

April 07, 2020
scraper_bots_linkedin

Competitor Used Scraper Bots in Order to Copy Linkedin Profiles

April 04, 2020
scrapers_in_ticketing

Ticketmaster Sues Notorious Ticket Scraper Higs

March 28, 2020

Head Office:

Sentor MSS AB
Björns Trädgårdsgränd 1
116 21 Stockholm
Sweden
+46 8 545 333 00

UK Office:

Sentor MSS UK
35-37 Blackstock Road
London N4 2JF, UK
+44 207 183 3553

US Office:

ScrapeSentry Inc.
326 Commercial Street
Boston, MA 02109
1-800-351-1691
Copyright © 2015 ScrapeSentry. All rights reserved.