Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Looking back at 2021 and ahead to 2022
Monthly Minute | Protecting Against Data Scrapers
Death of Activist Aaron Swartz Could Spur Changes to Computer Fraud & Abuse Act
Employer’s Takeover of Former CEO’s LinkedIn Account Lawful Under CFAA
Over the last several years, litigation (often class actions) premised on the use of technology like session-replay products, web beacons, pixels, and cookies has proliferated. Typical theories include plaintiffs claiming...more
On January 23, 2024, the court in Meta Platforms Inc. v. Bright Data Ltd., Case No. 3:23-cv-00077-EMC (N.D. Cal.), issued a summary judgment ruling with potentially wide-ranging ramifications for the law of scraping and...more
X Corp (formerly Twitter) has cracked down on data scrapers in a series of lawsuits filed within the last several weeks. One lawsuit targets an Israel-based research firm that provides commercial data scraping, called Bright...more
Summary - A class action lawsuit filed against OpenAI and its primary investor, Microsoft, seeks damages and injunctive relief for the alleged theft and commercial misappropriation of consumer personal data processed by and...more
This week, a lawsuit was filed in the U.S. District Court of Massachusetts against the Commonwealth of Massachusetts for its use of a COVID-19 contact-tracing app for residents’ mobile phones. However, very few residents...more
On remand from the Supreme Court of the United States, the US Court of Appeals for the Ninth Circuit reaffirmed its own 2019 opinion that preliminarily enjoined a professional networking platform from denying a data analytics...more
On April 18, the Ninth Circuit issued its opinion in hiQ Labs, Inc. v. LinkedIn Corporation in which the court clarified its position on an important topic: whether the common practice of data “web scraping” can create...more
In September 2019, the Ninth Circuit held that hiQ Labs, Inc.’s (“hiQ”) collection and use of information that LinkedIn users shared on their public profiles did not violate the Computer Fraud and Abuse Act (“CFAA”) because...more
On April 18, 2022, the Ninth Circuit reaffirmed its narrow interpretation of the Computer Fraud and Abuse Act’s (CFAA) “without authorization” prong in a data scraping dispute between hiQ and LinkedIn. The opinion upheld a...more
After two decisions by the US Court of Appeals for the Ninth Circuit, data scraping is deemed legal if the information is publicly accessible on the internet. ...more
The Ninth Circuit Court of Appeals recently ruled in HiQ Labs, Inc. v. LinkedIn that automated web scraping of publicly accessible websites does not violate the Computer Fraud and Abuse Act (CFAA), even if the website owner...more
In a much-anticipated ruling this week addressing the confluence of website scraping and computer hacking law, the U.S. Court of Appeals for the Ninth Circuit became the latest federal court to limit the reach of the Computer...more
On remand from the U.S. Supreme Court, the U.S. Court of Appeals for the Ninth Circuit reaffirmed a California district court’s order preliminarily enjoining LinkedIn from denying hiQ Labs, a data analytics company, access to...more
The past year’s trends in privacy and cybersecurity are set to intensify in 2022, with heightened threats, increased regulations, and elevated expectations - as well as new opportunities. To navigate the year ahead, we lay...more
Selling web users’ personal data is big business — with a projected worth of $400 billion by 2025. In industries as diverse as health insurance and automobile manufacturing, companies that collect and aggregate user data to...more
In today’s digital age, employers store immense amounts of information, including confidential and proprietary information, on their on-premises systems, cloud-servers and other data storage solutions. With this collection of...more
For years, website owners have leveraged the federal Computer Fraud & Abuse Act (CFAA) as a tool to combat unauthorized scraping of data and other content from their websites. Due to a circuit court split on the...more
On September 30, 2021, a Texas district court granted Southwest Airline Co.’s (“Southwest”) request for a preliminary injunction against online travel site Kiwi.com, Inc. (“Kiwi”), barring Kiwi from, among other things,...more
On August 5, 2021, a proposed class action settlement was reached in the closely-watched privacy action against fintech services company Plaid Inc. (“Plaid”). The settlement features a $58 million settlement fund and certain...more
On April 30, 2021 a California district court trimmed various federal privacy-related claims, including the Computer Fraud and Abuse Act (CFAA) claim, from a highly-visible, ongoing putative class action against fintech...more
Once a month, we cover an interesting topic in 60 seconds. This month, Richard Goldstucker and Jeff Fisher discuss protecting your organization's data against data scrapers....more
In November 2020, Yodlee and its parent company Envestnet filed separate motions to dismiss the class action lawsuit brought over Yodlee’s alleged data collection and use practices. Yodlee’s motion to dismiss argued that...more
Last week, a putative privacy-related class action was filed in California district court against financial analytics firm Envestnet, Inc. (“Envestnet”), which operates Yodlee, Inc. (“Yodlee”). (Wesch v. Yodlee Inc., No....more
If you are like me and recently purchased new technology to help you efficiently work remotely during the COVID-19 pandemic, you may be using a device that incorporates facial recognition technology into its cadre of...more
In Compulife Software Inc. v. Newman, No. 18-12004, 2020 WL 2549505 (11th Cir. May 20, 2020), the Eleventh Circuit vacated a trial court ruling that competitors who used a website operator’s server and database did not...more