The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


 

Does data scraping violate the Computer Fraud and Abuse Act?

See Article Here

Very interesting write up on two legal cases that asked whether data scraping publically available sites violate the Computer Fraud and Abuse Act.

In hiQ Labs v. LinkedIn the court held that “[a] user does not ‘access’ a computer ‘without authorization’ by using bots [to scrape data].... when the data it accesses is otherwise open to the public.” In other words it is perfectly legal for a company to data scrape your LinkedIn public profile page. :-)

In the Sandvig v. Sessions case out of the District of Columbia the court stated that "Employing a bot to crawl a website or apply for jobs may run afoul of a website’s ToS (terms of service), but it does not constitute an access violation when the human who creates the bot is otherwise allowed to read and interact with that site” as “bots are simply technological tools for humans to more efficiently collect and process information that they could otherwise access manually.” That is a very interesting statement. 

It is important to note that these cases were very narrowly written to the facts in the respective cases and they draw a distinction between public "access" and requiring authentication, i.e. username and password for access.  

Mary Chaney