A recent circuit court opinion focused on "scraping," the popular and often controversial practice of creating a computer program to collect information embedded in a web site. In EF Cultural Travel BV, et al. v. Zefer Corporation, et al., the 1st Circuit upheld the preliminary injunction prohibiting defendant Zefer's scraper tool from accessing plaintiff EF's web site, but on much more narrow grounds than the district court. The court's opinion is noteworthy because it explicitly rejected the "reasonable expectations" test used by the district court to determine the limits of authorized access under the Computer Fraud and Abuse Act (the "CFAA").

The dispute began when a company founded by former EF employees hired Zefer to develop a scraper tool designed to access EF's web site and collect pricing information. EF's competitor then used this pricing data to undercut EF's prices.

The district court granted EF a preliminary injunction against its competitor and Zefer. The injunction prohibited them from scraping EF's site based on the district court's finding that use of the scraper tool went beyond the "reasonable expectations" of ordinary users and exceeded authorized access in violation of the CFAA. The defendants appealed the district court's ruling, but the circuit court affirmed the injunction.

However, in affirming the preliminary injunction against Zefer, the court rejected the "reasonable expectations" test used by the district court stating, "However useful a reasonable expectations test might be in other contexts where there may be a common understanding underpinning the notion, its use in this context is neither prescribed by the statute nor prudentially sound." The court continued, " we think that the public web site provider can easily spell out explicitly what is forbidden and, consonantly, that nothing justifies putting users at the mercy of a highly imprecise, litigation-spawning standard like 'reasonable expectations.' If EF wants to ban scrapers, let it say so on the web page or a link clearly marked as containing restrictions."

Know-how to win:

1. Ensure that your web site is governed by well-drafted terms of service. These terms of service should explicitly set forth the activities that are forbidden to users.

2. Determine whether your web site is recording (and storing) information concerning who is accessing your site and how it is being accomplished. Server log files sometimes collect evidence of unauthorized scraping.

The information contained in the e-Alert is designed to inform you of recent and newsworthy developments in these areas. It is intended to provide general information only and is not a legal opinion or legal advice. You should consult with an attorney about specific concerns in this area.