Authored by J. (Jay) T. Westermeier
Today's leading case relating to the Computer Fraud and Abuse Act, 18 U.S.C. §1030 (CFAA) is United States v. Nosal, 676 F.3d 854 (9th Cir. 2012). In the Nosal case, the Ninth Circuit, in an en banc decision, expressed great concern over imposing criminal liability under the CFAA for violations of private computer use policies like website terms of use. The Ninth Circuit notes that if use restrictions are subject to criminal liability under the CFAA violations of those user policies could be transformed into criminal crimes simply because a computer is involved. As such, the Ninth Circuit believes the CFAA should be narrowly interpreted. Using this narrow interpretation regarding access restrictions, a district court in California found a CFAA violation in the Craigslist Inc. v. 3Taps Inc., 2013 WL 4447520 (N.D. Cal. Aug. 16, 2013); and Craigslist Inc. v. 3Taps Inc., 2013 WL 1819999 (N.D. Cal. April 30, 2013), cases.
Even with this requirement for the CFAA to be narrowly construed, a new strategy related to the CFAA has evolved based on this Craigslist Inc. v. 3Taps Inc. case. Id. In the Craigslist case, the district court determined that Craigslist could take action to stop 3Taps from scraping and copying content from Craigslist's publicly accessible website. These actions serve as the framework for this strategy against scrapers. 3Taps used scraping activities to copy all of the content from the Craigslist website.
Craigslist took two relevant steps to stop 3Taps' scraping activities. First, Craigslist sent a cease-and-desist letter to 3Taps, informing 3Taps "that this letter notifies you and your agents, employees, affiliates, and/or anyone acting on your behalf are no longer authorized to access, and are prohibited from accessing Craigslist's website or services for any reason." The cease-and-desist letter was unambiguous. Craigslist specifically denied 3Taps authorization to access the Craigslist website for any purpose. Access to Craigslist's website was specifically prohibited for any purpose. In addition to the unequivocal cease-and-desist letter, Craigslist configured its website to block access from IP addresses associated with 3Taps. The ruling provides that 3Taps, notwithstanding the cease-and-desist letter and technological measures to bar 3Taps' access, bypassed these technological barriers by using different IP addresses and proxy servers to conceal its identity and continue scraping content from the Craigslist website.
In the Craigslist case, the district court held that where a user has been unambiguously notified that its access to a website is not authorized the user is therefore liable under the CFAA for accessing the Craigslist website without authorization.
Scrapers are a major concern to many content owners. The Craigslist case provides the framework for developing viable CFAA claims against scrapers using an unambiguous cease and desist letter to deny the scrapers with any authorization to access the content owner or licensee's website for any purpose. If you know the identity of companies or individuals that are scraping your website content, you should consider, among other strategies, including in your cease and desist letter to the scraper unequivocal access restrictions prohibiting any access to your website for any purpose whatsoever.
Copyright © Finnegan, Henderson, Farabow, Garrett & Dunner, LLP. This article is for informational purposes, is not intended to constitute legal advice, and may be considered advertising under applicable state laws. This article is only the opinion of the authors and is not attributable to Finnegan, Henderson, Farabow, Garrett & Dunner, LLP, or the firm's clients.
Workshop
Life Sciences Workshop: Updates and Key Trends in Pharmaceutical and Biotechnology IP Law
May 2, 2024
Cambridge
Due to international data regulations, we’ve updated our privacy policy. Click here to read our privacy policy in full.
We use cookies on this website to provide you with the best user experience. By accepting cookies, you agree to our use of cookies. Please note that if you opt not to accept or if you disable cookies, the “Your Finnegan” feature on this website will be disabled as well. For more information on how we use cookies, please see our Privacy Policy.
Finnegan is thrilled to announce the launch of our new blog, Ad Law Buzz, devoted solely to breaking news, developments, trends, and analysis in advertising law.