LinkedIn has had a court victory in its long-running battle against hiQ Labs, which has been scraping publicly accessible LinkedIn user data for use in its own recruitment insights app.
The case began back in 2017, when LinkedIn sought legal intervention to cut off hiQ Labs from its service after discovering that hiQ had been harvesting LinkedIn user data in order to build its own recruitment information service.
hiQ Labs uses LinkedIn profile information to build data profiles that it says can predict when an employee is more likely to leave a company.
LinkedIn has argued that this is against its user agreement (i.e. users had not agreed to allow the usage of their information in this way) and is therefore in violation of the Computer Fraud and Abuse Act. The case has gone back and forth ever since, and has become a precedent-setting example for data scraping, and what can be done, legally, with publicly available information online.
And in the latest ruling, the court has ruled in favor of LinkedIn.
As explained by LinkedIn’s Chief Legal Counsel Sarah Wight:
“Today in the hiQ legal proceeding, the Court announced a significant win for LinkedIn and our members against personal data scraping, among other platform abuses. The Court ruled that LinkedIn’s User Agreement unambiguously prohibits scraping and the unauthorized use of scraped data as well as fake accounts, affirming LinkedIn’s legal positions against hiQ for the past six years. The Court also found that hiQ knew for years that its actions violated our User Agreement, and that LinkedIn is entitled to move forward with its claim that hiQ violated the Computer Fraud and Abuse Act.”
That’s a significant win, as it will enable LinkedIn to once again challenge hiQ’s usage of LinkedIn user information, while as noted, the case also has implications for all social networks in regards to what data others can use from their apps.
Meta is also in the process of legal proceedings to combat data scraping, with the company launching legal action in 2020 against two developers that created browser extensions which extracted user data from Facebook, Instagram, Twitter, YouTube, LinkedIn and Amazon, ‘in order to sell marketing intelligence and other services.’
The broader implications of this are that if no legal recourse can be established, the platforms are then forced to hide more information behind log-in walls, essentially locking it away to protect it from misuse. Which, in some ways, could be a better way to go, but it also means that posts can’t be indexed by Google, limiting discovery and referral traffic, while it also makes it harder to lure new users, as it limits access to get a feel for the app before signing up.
Already, most social apps have limited their non logged-in access as a result, but it’s possible that this case could set a new precedent for such use, which could make it easier for the platforms to operate without fear of oversharing.
Essentially, the case highlights gaps in the law in regards to data misuse, and the need to establish clearer regulations around personal data usage, and what can be taken from online platforms, in a legal sense.
It seems fairly obvious that a company should not be allowed to use your personal information without your permission, and make a profit from such, but the laws are not entirely clear, which is why this case is so important in a broader social media context.
LinkedIn will now return to the courts to push for an official ruling on the case.