What is often a surprise to would-be scrapers is that they must also consider the collective effect of a swarm of scrapers (a muster of miners? a horde of harvesters?).
Legal cases have focused on the potential for scraping activity by multiple persons to diminish the owner’s available bandwidth or server capacity. Interfering with a computer system owner’s data usage right (distinct from the use of the data itself) has been recognised as theft in New Zealand (Davies vs Police; and depriving an owner of bandwidth and server capacity has been held to constitute the old-fashioned tort of trespass to chattels in the US (eBay vs Bidder’s Edge).
New Zealand’s Crimes Act sets out a number of computer-related crimes including dishonestly accessing computer systems without authorisation (s 252), and accessing any computer system dishonestly, to obtain (or even merely intending to obtain) any property, privilege, service, pecuniary advantage, benefit or valuable consideration (s 249).
The first of these (s 252) expressly does not include accessing a computer system as a permitted user and using it for a non-permitted purpose. Arguably accessing a website which is intended for public use, and scraping for data, even though not permitted, would merely be using that computer system for a non-permitted purpose and would not fall foul of this section.
The scope of the second of these (s 249) is relatively untested, however, all indications are that the threshold is not high. Accessing a computer system can be as simple as sending an email (as occurred in Burt v Police) and would certainly include harvesting data by automated scraping. Dishonesty is no more than an absence of any belief that there was any express or implied consent from the relevant person as to the act carried out (s 217).
If the terms of the website expressly or impliedly prohibit scraping, dishonesty seems hard to argue against. Conversely, if the website terms are silent, dishonesty will be harder to establish. A pecuniary advantage, benefit, etc. is simply anything that enhances the accused’s financial position, according to New Zealand’s Supreme Court (Hayes v R). This would almost certainly cover obtaining data (at little or no cost) so as to increase the scraper’s potential for commercial sales.
So, what can you do? Well, all of the legal issues mentioned here can be overcome if the scraping is authorised by the relevant website or product owner. Can you build a relationship with the website or product owner by demonstrating you can add value to their business in some way?
If, like many of our clients you don’t want to be bothered with carefully analysing the legal rights and wrongs of your particular process then the take-home message should be this: although the law is always a step behind technological developments, the sentiment of the legal cases to date in a number of jurisdictions is that the website owner should be able to prevent scrapers from harvesting information without authorisation.
Sign up for CIO Asia eNewsletters.