On April 13th, in the northern district court of California, Craigslist was awarded $60 million in a data scraping case against real estate listing site Radpad (Craigslist, Inc. v. RadPad, Inc., No. 16-01856 (N.D. Cal. Apr. 13, 2017)).
Radpad was a site that listed house and apartment rentals. Part of Radpad’s unstated business model was to scrape real estate rental listings and related contact information off of Craigslist, and then email the property owners via Craigslist messaging in order to try to entice them to move their real estate listings from Craigslist to the Radpad site.
Like all data heavy sites that are targets for scrapers, Craigslist utilizes both technological and legal strategies in order to block data scrapers. However, data scrapers have developed sophisticated methods for getting around the technological blocks and seem to be pretty much unstoppable.
The law of data scraping
The primary legal strategy used by sites such as Craigslist against data scrapers is to include language in their applicable site terms of service that prohibit scraping and harvesting of data and user information. The Craigslist terms provide:
“Robots, spiders, scripts, scrapers, crawlers, etc. are prohibited, as are misleading, unsolicited, unlawful, and/or spam postings/email. You agree not to collect users' personal and/or contact information ("PI").”
This case presents a good example of the legal risks of data scraping. Here’s how the legal liability against Radpad played out:
- In order to scrape data, usually an account or multiple accounts must be opened. During that process, the terms of service must be accepted. Even if that process is completed by a robot, a court is likely to find that there is a valid acceptance of a website’s terms of service.
- A breach of contract claim based upon the violation of the anti-scraping provision in the terms of service becomes the base claim that starts the ball rolling. However, a breach of contract claim by itself does not pack a strong punch, because the standard remedy would just be a termination of the offending user’s account.
- However, once you violate the terms of service in this manner, then the scraping becomes unauthorized access to the site and a claim under the Computer Fraud and Abuse Act (and similar state statutes) can be made.
- In addition, the unauthorized taking and using of content may become the basis for a claim of copyright infringement.
- Since Radpad was also sending upwards of 400,000 emails to Craigslist users via the Craigslist messaging system to solicit their real estate listings, Craigslist was also able to make a claim under the California CAN-SPAM equivalent statute.
The damage award against Radpad looks like this:
- CAN-SPAM Violations: $40 million
- Copyright Infringement: $20.4 million
- Breach of terms of service: $160,000
Prior to the end of the case, Radpad became insolvent and their attorney withdrew from the case, so the award is equivalent to a default judgment.
Due to the insolvency, Craigslist will probably never collect the award. But that’s not the point. With a $60 million judgment, Craigslist has sent out a loud and clear message to would-be scrapers – violate our terms of service and scrape our data at your own risk.
It’s interesting to note that the content of a site like Craigslist is usually owned by the users and not the site, which makes a copyright infringement claim difficult. However, Craigslist took the unusual and creative approach of temporarily changing their terms of service to obtain an exclusive assignment of copyright rights to user content, which then allowed Craigslist to be the plaintiff in an infringement action.
That lawsuit in all likelihood drove Radpad into insolvency. In addition to the direct monetary fallout, Radpad had previously raised $13 million in investment rounds and one has to wonder how the investors are viewing the demise of the company hastened in part due to illegal marketing practices.
Obviously, don’t base your business model on data scraping.