On Oct. 16, 2020, Facebook sent a cease-and-desist letter to researchers behind the NYU Ad Observatory project, who are web scraping Facebook to collect data on how Facebook targets political ads to Facebook users.
Web scraping, a technique used to extract large amounts of data from websites, is popular with sophisticated investors, including investment fund managers, as a source of alternative data, which is purchased from third-party vendors or scraped directly.
In the letter, Facebook contended, “Scraping tools, no matter how well-intentioned, are not a permissible means of collecting information from us” and threatened additional enforcement action if the project continued to scrape and refused to delete the collected data. The university researchers provide volunteers a plug-in that, when added to a browser, copies ads seen on Facebook and shares them with the project.
The action is the latest in Facebook’s efforts to more aggressively police web scraping on its sites and comes at a time when the industry is closely watching hiQ Labs, Inc. v. LinkedIn Corp. — a web scraping case pending in federal district court in California, with a petition for review of an initial preliminary injunction in favor of hiQ pending in the U.S. Supreme Court.
In 2017, LinkedIn sent a cease-and-desist letter to hiQ claiming hiQ’s scraping of LinkedIn’s public profiles violated LinkedIn’s user agreement and state and federal law, including the Computer Fraud and Abuse Act (“CFAA”). LinkedIn threatened to implement technical measures to prevent further scraping.
In response, hiQ went on offense and sued LinkedIn in federal court for injunctive relief and a declaratory judgment that hiQ’s activities were legally permissible. In August 2017, the district court granted hiQ a preliminary injunction, ordering LinkedIn to withdraw its cease-and-desist letter and remove any technical barriers to hiQ’s access to public profiles. In September 2019, the Ninth Circuit affirmed on appeal. LinkedIn sought Supreme Court review, and its petition for certiorari is currently pending.
While it remains to be seen if the Supreme Court will hear the appeal of the preliminary injunction, the rest of the case is proceeding in the district court.
The case has significant implications for fund managers who purchase web scraped data or engage directly in web scraping regarding the legality of such practices and the potential limits of what companies can do to prevent web scraping on their public websites.
This article appeared in the November 2020 edition of SRZ’s Private Funds Regulatory Update. To read the full Update, click here.
 In June, Facebook filed actions in federal court in California, Facebook, Inc. v. Zaghar, 3:2020-cv-04054 (N.D. Cal.), and in Spain against two different web scrapers. See ZDNet
 If the Supreme Court agrees to hear the case, it will consider the narrow issue of whether accessing public websites can be deemed to be “without authorization” under the CFAA. The Supreme Court already has agreed to hear a different CFAA criminal case this term, Van Buren v. United States. Although the case itself does not involve web scraping, it has potential implications for web scrapers. Indeed, the Reporters Committee for Freedom of the Press filed an amicus brief for the appellant arguing that too broad an interpretation of the CFAA in the Van Buren case could threaten to criminalize web scraping.
This communication is issued by Schulte Roth & Zabel LLP and Schulte Roth & Zabel International LLP for informational purposes only and does not constitute legal advice or establish an attorney-client relationship. In some jurisdictions, this publication may be considered attorney advertising. ©2020 Schulte Roth & Zabel LLP and Schulte Roth & Zabel International LLP. All rights reserved. SCHULTE ROTH & ZABEL is the registered trademark of Schulte Roth & Zabel LLP.