Skip Repeated Content

Washington Partner Mark Srere was quoted Jan. 13 by SC Magazine on a coding problem by social media site Parler, preferred by the extreme-right, that left it open to data scraping. Users of Parler recently learned that a researcher was able to archive nearly all the posts, including many that users thought they had deleted, by using insecure direct object references (IDOR). Court cases show that legal protections against scraping remain unsettled. The U.S. Supreme Court just heard oral arguments in a case to determine whether violation of a site’s terms of service equals violation of the law under the Computer Fraud and Abuse Act (CFAA). Srere, co-leader of BCLP’s Investigations, Financial Regulation & White Collar Group, said at issue is the meaning of “exceeds authorized access” in the CFAA. If violating a site’s terms of service exceeds authorized access for a website, a scraper is open to both civil and criminal penalties. But courts have been split about how to interpret the law, and most people believe there is always some degree of lying on the internet that shouldn’t be prosecuted by law. “What if you lied about your height and weight on Tinder?” Srere asked. Regardless of the outcome of the case, he added, most businesses will want more advanced protections against scraping than the courts are in any position provide. “I would suspect there is a technical solution better to rely on than a legal” one, he said.

This document provides a general summary and is for information/educational purposes only. It is not intended to be comprehensive, nor does it constitute legal advice. Specific legal advice should always be sought before taking or refraining from taking any action.