HiQ Labs, Inc v LinkedIn Corp

Link to case

Introduction: 

September 9th, 2019: In an unprecedented ruling, a court has confirmed that collecting publicly available information from LinkedIn, is in fact, irrefutably legal.

Case Summary: 

HiQ Labs, a data analytics company, has been granted a preliminary injunction prohibiting LinkedIn Corporation from denying them access to publicly available Linkedin member profiles, a factor on which HiQ Lab’s entire business model is solely dependent. The court determined that data collection favors public interest, and that letting an entity like LinkedIn decide who can collect public information, gives them unfair control over how it can be put to use.  

About HiQ Labs

HiQ Labs is a data analytics organization, helping enterprises retain their talent with people analytics. The company collects publicly available data from LinkedIn profiles which powers their predictive ‘people analysis’ technology. This technology is used by companies in an effort to retain highly desirable employees, as well as identify knowledge/skill gaps within the organization. 

LinkedIn claimed that HiQ Lab’s collection of their user’s information violated the company’s user agreement while putting their users’ privacy at risk, and subsequently sent them a cease and desist letter. The letter stated that should they continue to collect LinkedIn profile information moving forward, they would violate a number of state and federal laws, including the Computer Fraud and Abuse Act (“CFAA”), the Digital Millennium Copyright Act (“DMCA”), California Penal Code § 502(c), and the California common law of trespass. The letter also stated that LinkedIn had taken action in blocking HiQ Labs from accessing their public profiles.

The preliminary injunction in favor of HiQ Labs was based on 4 main criteria:

1. Irreparable harm – without access to LinkedIn’s publicly available profiles, HiQ’s survival would be put at risk, as there were no other viable options to collect the employee/talent data needed to continue running their business. 
2. Balance of equities – LinkedIn claimed that HiQ’s actions threatened the privacy of its members, and therefore jeopardized the overall users’ trust. The panel determined that LinkedIn’s concerns were not significant enough to outweigh HiQ’s interest in continuing to run their business.
3. Likelihood of success – LinkedIn’s timing in blocking HiQ from accessing public information raised concerns about whether they were acting within the sphere of fair competition, as they had imminent plans to release a competing analytics tool. Additionally, without access to LinkedIn’s public profiles, HiQ would not be able to fulfill contractual obligations with existing customers. 
4. Public interest – each side claimed it benefits public interest by maximizing the free flow of information on the Internet. HiQ stated that data collection is a common method of gathering information used by academic researchers, etc, and that giving companies such as LinkedIn the power to decide who can collect public information, gives them unfair control over how it can be put to use. The court determined that the public interest favors hiQ’s position. 

The court has also examined a pivotal question with regards to the CFAA, which is whether once hiQ received Linkedin’s cease-and-desist letter, any further data collection and use of data was “without authorization”, within the meaning of the CFAA, and thus in violation of it.

The Court found that the CFAA is premised on a distinction between information that is presumptively accessible to the public and information for which authorization is generally required. Accordingly, the court distinguished between public websites and non-public or “restricted” websites (e.g., pages that are protected by a username and a password).

The court has held that such violations of the CFAA may generally only occur in situations where authorization is generally required, and has either never been given or has been revoked. Consequently, as the information that was collected was publicly available, the court found that hiQ’s practices did not violate the CFAA. 

Bottom line 

HiQ was acting within their legal rights to collect publicly available data on which their business model is reliant, and it is for this reason that the court ruled in their favor. LinkedIn’s claims of HiQ breaching laws such as the CFAA are unwarranted, as the data in question is publicly available.

Disclaimer

The information provided on this page does not, and is not intended to constitute legal advice. All information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information.